CN101908109A - Method for issuing, using and protecting controllable component - Google Patents

Publication number
CN101908109A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2010102223947A
Other languages
Chinese (zh)
Inventor
黄伟
赵恒�
李峻林
古尚利
陆炜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
No709 Inst China Ship Heavy Industry Group Co Ltd
709th Research Institute of CSIC
Original Assignee
No709 Inst China Ship Heavy Industry Group Co Ltd
Application filed by No709 Inst China Ship Heavy Industry Group Co Ltd
Priority to CN2010102223947A
Publication of CN101908109A
Legal status: Pending

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to a method for issuing, using and protecting a controllable component. Five roles are established and authorize one another; digital certificates, signatures and encryption keep the component under effective control while it is issued and used. Only software produced by a recognized original software producer (OSP) can use a legal component, only a recognized component issuing server (CS) can issue a legal component to a software component user (CU), and a CU can apply for a legal software component only after acquiring its software from a legal OSP. The advantages are that a software producer can qualify to produce legal software under the scheme, which ensures that the software it produces can use legal software components, and that a component produced by a component producer can be used by the end user only after it has been submitted to a component issuer and signed, which ensures the component's legal source.

Description

A method for controlled component issuance and use protection
Technical field
The present invention relates to the field of computer software technology, and specifically to a method for controlled issuance and use protection of software components.
Background
Software reusability is key to the growth of the software industry, and "software componentization" is the basis for achieving it. As technology matures, component-oriented software development and application has become the new trend in software development.
Component-based development places new requirements on how software components are issued and how their use is protected. Existing methods for protecting software use are varied. By physical protection mode they divide into soft protection and hard protection. Soft protection relies on the software's own authentication and login mechanisms; hard protection relies on dongle-like devices. By physical distribution they divide into network protection and stand-alone protection. Network protection requires authentication and identification over the network, or registration with a network server to obtain the right to use the software. Stand-alone protection obtains the right of use through some form of registration and service on a single machine, for example hardware ID identification and registration, or a stand-alone license.
Software component technology has begun to flourish, but effective methods for protecting how components are used and issued are still lacking. At present the common approach is for the component itself to obtain permission to run through its own license. This protects only the component producer's interests; it cannot control the issuance and use of components as a whole, and it gives no protection to the software component user.
In addition, componentization has changed how software is developed and used, but in some industries the use and issuance of components is not under unified management. Security risks in use and operation can therefore exist, and the interests of component producers and customers cannot be well guaranteed. Some industries and organizational domains in particular require the issuance and use of components to be highly controlled, so that the information security and operational security of component issuance and client use are guaranteed. Examples are financial information systems, defense information systems, and other organizations and enterprises whose own software environment must be highly controlled.
Summary of the invention
The objective of the invention is to address the lack of an effective control mechanism for the issuance and use of software components. It proposes a digital technical scheme in which the working mechanism and the process are both highly authorized. For departments, enterprises and organizations that work in a component-based runtime environment, the scheme secures component issuance and use, raises the level of security protection, reduces security holes in component use, and protects the interests of component producers and users and the security of the organization's whole software application environment. It guarantees the legitimacy of component issuance and the legitimacy of the client software's use of components, so that issuance and use are in a highly controlled state. Illegal or unapproved components are thereby kept from being issued and from taking part in system operation, and the security of component issuance and use across the whole organization is guaranteed to the greatest extent.
The method for controlled component issuance and use protection of the present invention requires five roles to be established. The five roles are:
Role 1: scheme administrator, SCHEME ADMINISTRATOR (SA for short)
Role 2: original software producer, ORIGINAL SOFTWARE PRODUCER (OSP for short)
Role 3: component producer, COMPONENT PRODUCER (CP for short)
Role 4: component issuing server, COMPONENT SERVER (CS for short)
Role 5: software component user, COMPONENT USER (CU for short)
The roles authorize one another, and digital certificates, signatures and encryption keep components under effective control during issuance and use. Only software produced by an approved original software producer OSP can use legal components, and only an approved component issuing server CS can issue legal components for use by a software component user CU. A software component user CU can apply for and obtain legal software components only if its software was obtained from a legal original software producer OSP.
The functions of the five roles are as follows:
(1) The scheme administrator SA is solely responsible for maintaining and coordinating the scheme, and the role is filled by the highest management body in the organization. SA controls membership of the protection scheme and ensures that all participants operate according to the prescribed procedures. SA manages the top-level encryption key, which is used to operate the complete data protection scheme. SA is also the only entity entitled to issue certificates to the other participants in the protection scheme.
(2) The component issuing server CS is responsible for encrypting and signing component information according to the procedures and methods defined by the protection scheme. The role is usually filled by the body or department in charge of software version management.
(3) The original software producer OSP is a software developer that supports the scheme. SA provides each OSP with a unique producer key (P_KEY) and producer identifier (P_ID). The OSP must provide security mechanisms so that every piece of software has a unique identifier (SW_ID) within the software system, which uniquely identifies each client software installation.
(4) The component producer CP is a body or department that produces components according to a given component interface standard. It submits conforming components to the component issuing server CS, and CS issues signed software component units to the software component user CU.
(5) The software component user CU uses software made by an OSP. The OSP's client software uses P_KEY to encrypt the SW_ID embedded in the software and so generates a user permit (UserPermit). The user permit is used to apply to the component issuing server CS for the components the client needs.
The authorization relationships among the five roles are as follows:
1. Relationship between the scheme administrator SA and the original software producer OSP
SA is the highest authority for maintaining and coordinating the scheme and is unique within it. It reviews the membership qualification of each original software producer (or department) OSP, so there can be several OSPs. An OSP submits an application to participate in the scheme (1) to SA. SA reviews the application and, once it is approved, issues to the OSP the producer key (P_KEY) and producer identifier (P_ID) that uniquely correspond to that OSP (2). SA stores and manages the P_KEY and P_ID of every OSP for later lookup.
2. Relationship between the scheme administrator SA and the component issuing server CS
CS creates its own key pair, combines the public key and a sample signature into a self-signed key (SSK), and submits the SSK (4) to SA. SA verifies whether the public key in the SSK comes from CS. SA then signs the CS public key with the SA top-level key pair. The signed key is the component server's certificate, and SA issues this digital certificate (5) to CS.
3. Relationship between the component producer CP and the component issuing server CS
CP submits the components it has made to CS (3). CS stores them in the component library so that they can be issued to different software component users CU.
4. Relationship between the software component user CU and the component issuing server CS
CU submits the user permit Userpermit, generated by the OSP's software, to CS and applies for the components it needs (6). CS decrypts the Userpermit to obtain the software's unique identifier (SW_ID), and uses SW_ID as the key of a symmetric encryption algorithm to encrypt the software component unit, producing the encrypted component body. CS also provides CU with the corresponding component digital signature file (7). The digital signature file consists of the encrypted component body and the digital certificate issued by SA.
The software that CU uses must come from an OSP, and the client software must have the SA public key certificate installed before it uses a secured component body issued by CS. It uses the SA public key to verify the component signature file and so confirm that CS is legitimate. The component body can be decrypted and used only after this legitimacy check has passed.
5. Relationship between the software component user CU and the original software producer OSP
The software that CU uses must come from an OSP that follows the scheme (8), and the end user's software must load the SA public key published by SA (9). The user software uses this public key to verify the digital signature that the component issuer supplies when it issues a component. This verifies the legitimacy of the component issuer and guarantees that the components the user uses are legitimate.
In the method for controlled component issuance and use protection of the present invention, mutual authorization between the roles is achieved as follows:
(1) The five roles for component issuance and use are established: scheme administrator SA, original software producer OSP, component producer CP, component issuing server CS and software component user CU. They are referred to below by these codes.
(2) SA generates a key pair with a symmetric encryption algorithm, namely the SA public key and the SA private key, and keeps the SA private key strictly secret.
(3) An OSP applies to SA. After approving the application, SA issues a unique original software producer identifier P_ID and original software producer key P_KEY to the OSP. SA is responsible for managing these keys and identifiers.
(4) The software an OSP produces must include a function that generates the user permit Userpermit, and each piece of OSP software must have a unique software identifier SW_ID. The Userpermit is the ciphertext, stored in a defined format, obtained by encrypting SW_ID with the OSP's P_KEY as the key. The decryption algorithm and the ciphertext format are known to CS, but CS can decrypt only once it has obtained P_KEY.
(5) CS applies to SA to join the scheme. After SA approves, CS generates a key pair, namely the CS public key and the CS private key, with the same mutually recognized symmetric encryption algorithm as SA. CS uses its private key to produce a self-signed public key file SSK and submits it to SA together with the CS public key. SA verifies the submitted SSK with the CS public key. If verification succeeds, SA signs the SSK with the SA private key to produce a signature file and attaches the CS public key to the content of that file. This signature file is the digital certificate SACA that SA issues to CS, and it is handed to CS for safekeeping.
(6) Whenever a new CS joins the scheme, SA issues to it the P_KEY and P_ID of every OSP that SA holds. The CS stores these P_KEY and P_ID values.
(7) Whenever a new OSP joins, SA likewise distributes the new member's P_KEY and P_ID to every CS.
(8) Every piece of software that an OSP supplies to users holds the SA public key.
(9) When the software of a CU needs to use a component, it must submit the Userpermit generated by the software to CS. From the Userpermit, CS obtains the P_KEY of the software's OSP and the software's SW_ID. After verifying that P_KEY is legitimate, CS uses SW_ID as the key to encrypt the software component file that CU has applied for. SACA and the encrypted software component file together form the component unit signature file, and they are issued to CU together.
(10) OSP software must be able to verify the correctness of SACA with the SA public key. After verification succeeds, the software uses its own SW_ID as the key to decrypt the component body that CS encrypted. The component can be used correctly only after decryption succeeds.
(11) Components produced by a CP must be submitted to CS, which keeps them in the component library. CS issues them only when a CU applies to use them.
The advantages of the method for controlled component issuance and use protection of the present invention are:
(1) A software producer can obtain a legal software production qualification through the scheme, which guarantees that the software it produces can use legal software components.
(2) A component made by a software component producer can be used by the end user only after it has been submitted to the component issuer and signed, which guarantees the component's legal source.
(3) By signing components, the component issuing server achieves security control and management of component issuance and use. Software users are guaranteed to obtain legal components, and only user software that follows the scheme can obtain a legal component, which only that software can use.
(4) A software component user can use only components signed by the software component issuer. Illegal or unauthorized components cannot be used by user software. This keeps the environment in which software components are used safe and reliable across the whole organization, and so guarantees the security of the organization's whole software runtime environment.
Description of drawings
Fig. 1 is a diagram of the relationships among the five roles of the method for controlled component issuance and use protection.
Fig. 2 is the authorization flow chart of the method for controlled component issuance and use protection.
Fig. 3 is the flow chart for the use and management of the public and private keys.
Embodiment
As shown in Figs. 1-3, a method for controlled component issuance and use protection requires five roles to be established. The five roles are:
Role 1: scheme administrator, SCHEME ADMINISTRATOR (SA)
Role 2: original software producer, ORIGINAL SOFTWARE PRODUCER (OSP)
Role 3: component producer, COMPONENT PRODUCER (CP)
Role 4: component issuing server, COMPONENT SERVER (CS)
Role 5: software component user, COMPONENT USER (CU)
The roles authorize one another, and digital certificates, signatures and encryption keep components under effective control during issuance and use. Only software produced by an approved original software producer OSP can use legal components, and only an approved component issuing server CS can issue legal components for use by a software component user CU. A software component user CU can apply for and obtain legal software components only if it obtained its software from a legal original software producer OSP.
The functions of the five roles are as follows:
(1) The scheme administrator SA is solely responsible for maintaining and coordinating the scheme, and the role is filled by the highest management body in the organization. SA controls membership of the protection scheme and ensures that all participants operate according to the prescribed procedures. SA manages the top-level encryption key, which is used to operate the complete data protection scheme. SA is also the only entity entitled to issue certificates to the other participants in the protection scheme.
(2) The component issuing server CS is responsible for encrypting and signing component information according to the procedures and methods defined by the protection scheme. The role is usually filled by the body in charge of software version management.
(3) The original software producer OSP is a software developer that supports the scheme. SA provides each OSP with a unique producer key (P_KEY) and producer identifier (P_ID). The OSP must provide security mechanisms so that every piece of software has a unique identifier (SW_ID) within the software system, which uniquely identifies each client software installation.
(4) The component producer CP is a body or department that produces components according to a given component interface standard. It submits conforming components to the component issuing server CS, and CS issues signed software component units to the software component user CU.
(5) The software component user CU uses software made by an OSP. The OSP's client software uses P_KEY to encrypt the SW_ID embedded in the software and so generates a user permit (UserPermit). The user permit is used to apply to the component issuing server CS for the components the client needs.
The information passed between the roles is marked in Fig. 1 with the numeric identifiers (1) to (8). The authorization relationships among the five roles are as follows:
1. Relationship between the scheme administrator SA and the original software producer OSP
SA is the highest authority for maintaining and coordinating the scheme and is unique within it. It reviews the membership qualification of each original software producer (or department) OSP, so there can be several OSPs. An OSP submits an application to participate in the scheme (1) to SA. SA reviews the application and, once it is approved, issues to the OSP the producer key (P_KEY) and producer identifier (P_ID) that uniquely correspond to that OSP (2). SA stores and manages the P_KEY and P_ID of every OSP for later lookup.
2. Relationship between the scheme administrator SA and the component issuing server CS
CS creates its own key pair, combines the public key and a sample signature into a self-signed key (SSK), and submits the SSK (4) to SA. SA verifies whether the public key in the SSK comes from CS. SA then signs the CS public key with the SA top-level key pair. The signed key is the component server's certificate, and SA issues this digital certificate (5) to CS.
3. Relationship between the component producer CP and the component issuing server CS
CP submits the components it has made to CS (3). CS stores them in the component library so that they can be issued to different software component users CU.
4. Relationship between the software component user CU and the component issuing server CS
CU submits the user permit Userpermit, generated by the OSP's software, to CS and applies for the components it needs (6). CS decrypts the Userpermit to obtain the software's unique identifier (SW_ID), and uses SW_ID as the key of a symmetric encryption algorithm to encrypt the software component unit, producing the encrypted component body. CS also provides CU with the corresponding component digital signature file (7). The digital signature file consists of the encrypted component body and the digital certificate issued by SA.
The software that CU uses must come from an OSP, and the client software must have the SA public key certificate installed before it uses a secured component body issued by CS. It uses the SA public key to verify the component signature file and so confirm that CS is legitimate. The component body can be decrypted and used only after this legitimacy check has passed.
5. Relationship between the software component user CU and the original software producer OSP
The software that CU uses must come from an OSP that follows the scheme (8), and the end user's software must load the SA public key published by SA (9). The user software uses this public key to verify the digital signature that the component issuer supplies when it issues a component. This verifies the legitimacy of the component issuer and guarantees that the components the user uses are legitimate.
In the method for controlled component issuance and use protection of the present invention, mutual authorization between the roles is achieved as follows:
(1) The five roles for component issuance and use are established: scheme administrator SA, original software producer OSP, component producer CP, component issuing server CS and software component user CU. They are referred to below by these codes.
(2) SA generates a key pair with a symmetric encryption algorithm, namely the SA public key and the SA private key, and keeps the SA private key strictly secret.
(3) An OSP applies to SA. After approving the application, SA issues a unique original software producer identifier P_ID and original software producer key P_KEY to the OSP. SA is responsible for managing these keys and identifiers.
(4) The software an OSP produces must include a function that generates the user permit Userpermit, and each piece of OSP software must have a unique software identifier SW_ID. The Userpermit is the ciphertext, stored in a defined format, obtained by encrypting SW_ID with the OSP's P_KEY as the key. The decryption algorithm and the ciphertext format are known to CS, but CS can decrypt only once it has obtained P_KEY.
(5) CS applies to SA to join the scheme. After SA approves, CS generates a key pair, namely the CS public key and the CS private key, with the same mutually recognized symmetric encryption algorithm as SA. CS uses its private key to produce a self-signed public key file SSK and submits it to SA together with the CS public key. SA verifies the submitted SSK with the CS public key. If verification succeeds, SA signs the SSK with the SA private key to produce a signature file and attaches the CS public key to the content of that file. This signature file is the digital certificate SACA that SA issues to CS, and it is handed to CS for safekeeping.
(6) Whenever a new CS joins the scheme, SA issues to it the P_KEY and P_ID of every OSP that SA holds. The CS stores these P_KEY and P_ID values.
(7) Whenever a new OSP joins, SA likewise distributes the new member's P_KEY and P_ID to every CS.
(8) Every piece of software that an OSP supplies to users holds the SA public key.
(9) When the software of a CU needs to use a component, it must submit the Userpermit generated by the software to CS. From the Userpermit, CS obtains the P_KEY of the software's OSP and the software's SW_ID. After verifying that P_KEY is legitimate, CS uses SW_ID as the key to encrypt the software component file that CU has applied for. SACA and the encrypted software component file together form the component unit signature file, and they are issued to CU together.
(10) OSP software must be able to verify the correctness of SACA with the SA public key. After verification succeeds, the software uses its own SW_ID as the key to decrypt the component body that CS encrypted. The component can be used correctly only after decryption succeeds.
(11) Components produced by a CP must be submitted to CS, which keeps them in the component library. CS issues them only when a CU applies to use them.
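The symmetric part of steps (4), (6), (7), (9) and (10), as listed in both the summary and the embodiment, sketched as an added example that is not code from the patent: the OSP client builds a Userpermit, CS looks up P_KEY by P_ID, recovers SW_ID, and encrypts the requested component so that only that SW_ID can open it. Assumptions: the Userpermit layout (length-prefixed P_ID followed by the ciphertext), the HMAC-SHA256 stand-in cipher, hashing SW_ID into a fixed-length key, and every name and sample value; verification of SACA with the SA public key is left out.

```python
import hashlib
import hmac
import secrets

# Stand-in authenticated cipher (HMAC-SHA256 keystream, encrypt-then-MAC) so the
# example runs with the standard library only. The patent text only says
# "symmetric encryption algorithm"; a vetted AEAD would be used in practice.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def _subkeys(key: bytes):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def seal(key: bytes, plaintext: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    if len(blob) < 48:
        raise ValueError("blob too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))

def component_key(sw_id: str) -> bytes:
    # Assumption: the text uses SW_ID itself as the key; here it is hashed to a
    # fixed length. Confidentiality still rests on SW_ID staying inside the client.
    return hashlib.sha256(b"component-key|" + sw_id.encode()).digest()

def make_userpermit(p_id: str, p_key: bytes, sw_id: str) -> bytes:
    """OSP client software, step (4): assumed layout len(P_ID) | P_ID | Enc_P_KEY(SW_ID)."""
    pid = p_id.encode()
    return len(pid).to_bytes(2, "big") + pid + seal(p_key, sw_id.encode())

class ComponentServer:
    """CS side of steps (6), (7), (9) and (11)."""

    def __init__(self):
        self.producer_keys = {}  # P_ID -> P_KEY, as distributed by SA
        self.library = {}        # component name -> bytes, as submitted by CP

    def register_producer(self, p_id: str, p_key: bytes) -> None:
        self.producer_keys[p_id] = p_key

    def store_component(self, name: str, body: bytes) -> None:
        self.library[name] = body

    def read_userpermit(self, permit: bytes) -> str:
        """Return SW_ID, or raise PermissionError if the permit is not acceptable."""
        if len(permit) < 2:
            raise PermissionError("malformed Userpermit")
        n = int.from_bytes(permit[:2], "big")
        p_id = permit[2:2 + n].decode(errors="replace")
        p_key = self.producer_keys.get(p_id)
        if p_key is None:
            raise PermissionError("P_ID was not issued by SA")
        try:
            return unseal(p_key, permit[2 + n:]).decode()
        except ValueError as exc:  # bad tag, truncated blob or undecodable SW_ID
            raise PermissionError("Userpermit was not made with this OSP's P_KEY") from exc

    def issue(self, permit: bytes, name: str) -> bytes:
        sw_id = self.read_userpermit(permit)
        return seal(component_key(sw_id), self.library[name])

def client_load(sw_id: str, blob: bytes) -> bytes:
    """Client software, step (10), run after SACA has been verified (not shown)."""
    return unseal(component_key(sw_id), blob)

def demo():
    # All values below are constructed for the example.
    p_key = hashlib.sha256(b"constructed P_KEY for OSP-001").digest()
    cs = ComponentServer()
    cs.register_producer("OSP-001", p_key)
    cs.store_component("report-widget", b"constructed component bytes")
    permit = make_userpermit("OSP-001", p_key, "SW-0001")
    return cs, p_key, permit, cs.issue(permit, "report-widget")

if __name__ == "__main__":
    cs, p_key, permit, blob = demo()
    print(client_load("SW-0001", blob))
```
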

Claims (7)

1. A method for issuing, using and protecting a controllable component, characterized in that: the method requires five roles to be established, namely scheme administrator SA, original software producer OSP, component producer CP, software component user CU, and component issuing server CS; the roles authorize one another, and components are effectively controlled during issuing and use by means of digital certificates, signatures and encryption, so that only software produced by an approved original software producer OSP can use legitimate components, and only an approved component issuing server CS can issue legitimate components for use by the software component user CU; the software component user CU can apply for and obtain legitimate software components only if it obtained its software from a legitimate original software producer OSP.
2. The method for issuing, using and protecting a controllable component according to claim 1, characterized in that: the scheme administrator SA has sole responsibility for maintaining and coordinating the scheme, and the role is filled by the highest management body in the organization; SA controls membership of the protection scheme and ensures that all participants operate according to the established procedures; SA manages the top-level encryption keys used to operate the complete data protection scheme; it is also the only entity entitled to issue certificates to the other participants in the protection scheme.
3. The method for issuing, using and protecting a controllable component according to claim 1, characterized in that: the component issuing server CS is responsible for encrypting and signing component information according to the procedures and methods defined by this protection scheme; the role is usually filled by the body responsible for software version management.
4. The method for issuing, using and protecting a controllable component according to claim 1, characterized in that: the original software producer OSP is a software developer that supports this scheme, and the scheme administrator SA provides each OSP with a unique producer key (P_KEY) and producer identifier (P_ID); the OSP must provide corresponding security mechanisms in its software systems so that each piece of software has a unique identifier (SW_ID) that uniquely identifies each client software.
5. The method for issuing, using and protecting a controllable component according to claim 1, characterized in that: the component producer CP is an organization or department that produces components according to a given component interface standard; after production it submits the conforming components to the component issuing server CS, and CS issues signed software component units to the software component user CU.
6. The method for issuing, using and protecting a controllable component according to claim 1, characterized in that: the software component user CU uses software made by the original software producer OSP, and the OSP's client software can use P_KEY to encrypt the SW_ID embedded in the software, generating a user permit (UserPermit); this user permit is used to apply to the component issuing server CS for the components the client needs.
7. The method for issuing, using and protecting a controllable component according to claim 1, characterized in that: the five roles authorize one another as follows:
(1) The scheme administrator SA generates a key pair with a symmetric encryption algorithm, namely the SA public key and the SA private key, and SA keeps the SA private key strictly secret;
(2) The original software producer OSP applies to SA; after approving the application, SA issues a unique producer identifier P_ID and producer key P_KEY to the OSP; SA is responsible for managing these keys and identifiers;
(3) The software that the OSP produces must be able to generate the user permit UserPermit, and each piece of OSP software must have a unique software identifier SW_ID; the UserPermit is ciphertext, stored in a defined format, obtained by encrypting the SW_ID with the OSP's P_KEY as the key; the decryption algorithm and the ciphertext format are known to the component issuing server CS, but CS can decrypt only after it has obtained the P_KEY;
(4) The component issuing server CS applies to SA to join; after SA approves, CS generates a key pair, namely the CS public key and the CS private key, using the mutually recognized symmetric encryption algorithm that is identical to the one used by SA; CS uses its private key to produce a self-signed public key file SSK and submits it to SA together with the CS public key; SA verifies the SSK submitted by CS with the CS public key; if verification succeeds, SA signs the SSK with the SA private key to produce a signature file and attaches the CS public key to the content of the signature file; this signature file is the digital certificate SACA that SA issues to CS, and it is handed to CS for safekeeping;
(5) Whenever a new component issuing server CS joins the scheme, SA issues the P_KEY and P_ID of every OSP it holds to that CS; CS stores these P_KEY and P_ID values;
(6) Whenever a new original software producer OSP joins, SA likewise distributes the new member's P_KEY and P_ID to every CS;
(7) The SA public key is stored in every piece of software that the OSP provides to users;
(8) When the software of the software component user CU needs to use a component, it must submit the UserPermit generated by the software to the component issuing server CS; from the UserPermit, CS obtains the P_KEY of the software's original software producer OSP and the software's SW_ID; after verifying that the P_KEY is legitimate, CS uses the SW_ID as the key to encrypt the software component file that CU has applied for; CS then combines the SACA and the encrypted software component file into a signed component unit file and issues it to CU;
(9) The OSP's software must be able to verify the correctness of the SACA with the SA public key; after successful verification, the software uses its own SW_ID as the key to decrypt the component body encrypted by CS; the component can be used correctly only after successful decryption;
(10) Components produced by the component producer CP must be submitted to the component issuing server CS, which keeps them in a component library; CS issues a component only when a software component user CU applies to use it.
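The UserPermit exchange in steps (3), (8) and (9) of claim 7, as an added Go sketch that is not part of the patent text. The patent names no cipher or permit layout, so AES-256-GCM, the nonce-then-ciphertext layout, trial decryption over the registered P_KEYs, the SHA-256 derivation of a key from SW_ID and all function names are assumptions; the SACA signature check is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// seal returns nonce || AES-256-GCM ciphertext. Cipher and layout are assumptions; the patent names none.
func seal(key [32]byte, msg []byte) []byte {
	block, _ := aes.NewCipher(key[:]) // cannot fail for a 32-byte key
	gcm, _ := cipher.NewGCM(block)
	nonce := make([]byte, gcm.NonceSize())
	rand.Read(nonce)
	return gcm.Seal(nonce, nonce, msg, nil)
}

// open reverses seal; it fails if the key is wrong or the data was altered.
func open(key [32]byte, box []byte) ([]byte, error) {
	block, _ := aes.NewCipher(key[:])
	gcm, _ := cipher.NewGCM(block)
	if len(box) < gcm.NonceSize() {
		return nil, fmt.Errorf("input too short")
	}
	return gcm.Open(nil, box[:gcm.NonceSize()], box[gcm.NonceSize():], nil)
}

// Client side, inside the OSP's software: build the permit, later decrypt the component with SW_ID.
func MakeUserPermit(pKey [32]byte, swID string) []byte { return seal(pKey, []byte(swID)) }
func UseComponent(swID string, body []byte) ([]byte, error) { return open(sha256.Sum256([]byte(swID)), body) }

// IssueComponent is the CS side: the registered P_KEY that opens the permit identifies the OSP
// and yields SW_ID; the component is sealed under SHA-256(SW_ID) (the derivation is an assumption).
func IssueComponent(pKeys map[string][32]byte, permit, component []byte) (string, []byte, error) {
	for pID, pKey := range pKeys {
		if swID, err := open(pKey, permit); err == nil {
			return pID, seal(sha256.Sum256(swID), component), nil
		}
	}
	return "", nil, fmt.Errorf("permit does not match any registered P_KEY")
}

func main() {
	keys := map[string][32]byte{"OSP-A": sha256.Sum256([]byte("constructed P_KEY"))}
	pID, body, _ := IssueComponent(keys, MakeUserPermit(keys["OSP-A"], "SW-0001"), []byte("component"))
	plain, err := UseComponent("SW-0001", body)
	fmt.Println(pID, string(plain), err)
}
```

In this sketch the confidentiality of an issued component rests entirely on SW_ID, and every CS holds every P_KEY, so SW_ID has to be unpredictable and the P_KEY table needs the same protection as the SA private key.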

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2010102223947A CN101908109A (en) 2010-07-02 2010-07-02 Method for issuing, using and protecting controllable component

Publications (1)

Publication Number Publication Date
CN101908109A true CN101908109A (en) 2010-12-08

Family

ID=43263566

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2010102223947A Pending CN101908109A (en) 2010-07-02 2010-07-02 Method for issuing, using and protecting controllable component

Country Status (1)

Country Link
CN (1) CN101908109A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106991298A (en) * 2016-01-21 2017-07-28 阿里巴巴集团控股有限公司 Access method, the authorization requests method and device of application program docking port
US10878066B2 (en) 2016-01-21 2020-12-29 Banma Zhixing Network (Hongkong) Co., Limited System and method for controlled access to application programming interfaces

Similar Documents

Publication Publication Date Title
WO2021179449A1 (en) Mimic defense system based on certificate identity authentication, and certificate issuing method
CN101872399B (en) Dynamic digital copyright protection method based on dual identity authentication
CN103491097B (en) Software authorization system based on public-key cryptosystem
CN102656591B (en) Use the digital rights management based on the encryption of attribute
CN100458642C (en) Binding content to an entity
KR100746030B1 (en) Method and apparatus for generating rights object with representation by commitment
CN102129532B (en) Method and system for digital copyright protection
US20120278618A1 (en) Methods of authorizing a computer license
CN103491098A (en) Software authorization method based on public key cryptosystem
CN105103119A (en) Data security service
CN101107611A (en) Private and controlled ownership sharing
CN101609495A (en) A kind of electronic document digital rights management method
CN108833440B (en) Block chain-based network security audit system and network security audit method
CN1961270A (en) License management in a privacy preserving information distribution system
CN110996319B (en) System and method for performing activation authorization management on software service
CN105122265A (en) Data security service system
CN114584295B (en) Universal black box traceability method and device for attribute-based proxy re-encryption system
CN113094725B (en) Encryption and decryption method and system for bidding documents opened remotely and intensively
JP5662439B2 (en) Method and apparatus for digital rights management (DRM) in small and medium enterprises (SME) and method for providing DRM service
CN101043403A (en) Field based digital copyright protecting family network system
CN100518060C (en) Method for protection of encipherment of digital document as well as client terminal equipment
CN109644185A (en) Method and apparatus for carrying out secure electronic data communication
CN101908109A (en) Method for issuing, using and protecting controllable component
US20130014286A1 (en) Method and system for making edrm-protected data objects available
KR20090024482A (en) Key management system for using content and method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20101208