CN104050397A - Method and system for controlling and managing software - Google Patents
Method and system for controlling and managing software Download PDFInfo
- Publication number
- CN104050397A CN104050397A CN201310075584.4A CN201310075584A CN104050397A CN 104050397 A CN104050397 A CN 104050397A CN 201310075584 A CN201310075584 A CN 201310075584A CN 104050397 A CN104050397 A CN 104050397A
- Authority
- CN
- China
- Prior art keywords
- software
- algorithm
- control
- authorization
- enablement
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 13
- 238000013475 authorization Methods 0.000 claims description 24
- 238000007726 management method Methods 0.000 claims description 10
- 230000010354 integration Effects 0.000 claims description 3
- 238000010187 selection method Methods 0.000 claims 1
- 238000012544 monitoring process Methods 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000004364 calculation method Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention is suitable for the field of software products and provides a method and a system for controlling and managing software. The invention provides a software enablement platform, which is characterized in that through control and statistical monitoring on encryption and decryption algorithms, enablement and management on the software products are realized. The method for controlling and managing the software comprises the following steps that 1, a software enablement mode is selected, and the encryption and decryption algorithms provided by the enablement platform can be arbitrarily selected by the software; 2, enablement control can be performed according to various enablement forms required by software vendors; 3, control and management on the software are performed; an algorithm software control module has a timing statistical function, a metering statistical function, a machine monitoring function and the like; the enablement running of the software is monitored at any time by the algorithm software control module so as to achieve the goal that the software is controlled and managed; 4, the unified enablement platform can be adopted by multiple software; distribution keys are different, and multiple algorithm control software products which correspond to the distribution keys are different.
Description
Technical field
The invention belongs to software control and management domain, relate in particular to a kind of by controlling the use of cryptographic algorithm mode control and management software.
Background technology
After software issue at present, conventionally adopt and provide authorization code or encrypt the modes such as key (dog) and control usurping of software.Software category, application time limit, operation platform are the limiting factor (s)s of authorizing, and software users according to demand, application mode to software has diversity, and current software authorization method can not reach and not only meet client's flexible Application demand but also take into account the target that software owner effectively authorizes management and control simultaneously.Meanwhile, software, if complete trustship is to third party, cannot the interests of safety assurance software business man own not encroached on.The present invention adopts digital certificate PKI security system, and soft ware authorization has software business man to control, and the control of soft ware authorization adopts a kind of authorization control platform, the mandate of generation, monitoring software.The two all satisfies condition, and software side can normally be used.
Summary of the invention
(1) the present invention adopts information security theory, in conjunction with encryption and decryption technology for software vendor provide a set of safe, authorize platform flexibly.The various mandate forms of software can be provided for software owner, as: free trial, timing use, metering use, the unrestricted condition of unit are used (standalone version), multi-user to control use (network edition software).Software vendors can, by above-mentioned form combination in any, form different authorizations.
(2) the concrete technical scheme of the present invention
In order to reach above-mentioned functions, the invention provides a set of security certificate platform, it is characterized in that: comprise following content
1) authorize platform to provide cryptographic algorithm, the RSA that comprises international standard, ECC, DES, AES, SHA, MD5 scheduling algorithm; The commercial code algorithm SM1 of country, SM2, SM3, SM4, SM7, SM9 etc.; Software vendors custom algorithm.
2) this mandate platform can produce corresponding authorization Algorithm software module according to time limit, number of times, unit, multimachine
3) this mandate platform completes authorization Algorithm software module and has the functions such as calculation of time, number of times statistics, unit, multimachine monitoring, to mate mandate.
4) this platform provides standard software interface, for authorization Algorithm Module-embedding software.
5) authorization Algorithm module, by the management and control to authorization Algorithm, is controlled the operation of software.Software can only operate under authorization code effective status
Accompanying drawing explanation
Fig. 1 is that software is by the process flow diagram of release product of the present invention.
Fig. 2 is detailed method of operation figure of the present invention.
embodiment
In order to make object of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
Fig. 1 shows the control and management process flow diagram that the present invention is applied to software release product.
Fig. 2 shows detailed method of operation of the present invention.
The embodiment of the present invention provides a kind of soft ware authorization and control and management flow process and method of operating, and concrete steps are as follows:
(1) software business man enters software platform (software electronic emporium), and platform is provided software business man and authorized KEY-USB-A, comprises RSA, ECC, DES, AES, SHA, the MD5 algorithm of international standard in this KEY; The commercial code algorithm SM1 of country, SM2, SM3, SM4, SM7, SM9 etc.; Software vendors custom algorithm.
(2) software users is chosen software product at software platform (software electronic emporium), and according to demand separately, proposes request for utilization separately, as timing request for utilization, metering request for utilization etc.; Software platform (software electronic emporium) is provided user KEY-USB-B, comprises RSA, ECC, DES, AES, SHA, MD5 algorithm and national commercial code algorithm SM1, SM2, SM3, SM4, SM7, the SM9 of international standard etc. in this KEY.
(3) software platform (software electronic emporium), according to user's application requirement, utilizes mandate platform of the present invention, produces algorithm software model.As algorithm timing software model, algorithm metering software model, algorithm unit control module, algorithm multimachine networking control module etc.Software platform (software electronic emporium) passes to software business man by institute's generation module through PKI security system.
(4) authorize platform that standard software interface is provided, by algorithm software model and software business man, provide software docking.
(5) software business man, according to user's application requirement, utilizes KEY--USB-A, selects cryptographic algorithm, produces at random software key, encryption software mandate
(6) authorization code of integration algorithm software model and software adopts PKI security system, sends user to after adopting respectively client public key to encrypt.
(7) user utilizes KEY-USB-B, the authorization code of decipherment algorithm software model and software
(8) in software application, algorithm software model produces software use authorization, and according to user's request, the operation of policing algorithm module, controls the operation of software with this.As client in Fig. 11 requires timing, timing software model is tied to software 1, and algoritic module is carried out to timing processing, according to timing Statistical monitor licensing status.Whether judgement mandate at any time exceeds the time limit.Running software is being authorized under effective status, and mandate exceeds the time limit, and software can not move.
Claims (3)
1. the method that soft ware authorization mode is selected, is characterized in that:
(1) software can select different cryptographic algorithm to authorize.To adapt to the requirement of zones of different, different industries, the RSA that algorithm comprises international standard, ECC, DES, AES, SHA, MD5 etc.; And national commercial code algorithm SM1, SM2, SM3, SM4, SM7, SM9 etc.; Custom algorithm.
(2) cryptographic algorithm selection method in claim (1), is characterized in that: all algorithms are integrated in identical platform, and platform is the embedded algorithm integration module of PC server.
(3) a kind of algorithm authorizations that realize different requirements in claim (1), is characterized in that: can, according to different industries, the desired security mechanism of zones of different, select the Security Architecture of corresponding algorithm or many algorithms combination.
2. the method that authorization control embeds, is characterized in that:
(1) software and algorithm authorization control software adopt standard interface.
(2) authorize form flexible configuration, free trial, timing use, metering use, the unrestricted condition of unit are used (standalone version), multi-user to control use (network edition software).
(3) authorization control software and software adopt different keys, mutually maintain secrecy.
(4) adopt PKI Security Architecture, supervisor authority.
3. software control and a management method, is characterized in that:
(1) by the control to algorithm authorization module, and realize the control and management to software application
(2) software and algorithm authorization module binding mode, can software integration packetized form provide product; Also can both to be separated, the form that algorithm mandate adopts the embedded key of hardware provides control and management for software.
(3) soft ware authorization and authorization control are discrete, and software provisioning side's interests and the interests interdependence of empowerment management side, do not encroached on.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310075584.4A CN104050397A (en) | 2013-03-11 | 2013-03-11 | Method and system for controlling and managing software |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310075584.4A CN104050397A (en) | 2013-03-11 | 2013-03-11 | Method and system for controlling and managing software |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104050397A true CN104050397A (en) | 2014-09-17 |
Family
ID=51503217
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310075584.4A Pending CN104050397A (en) | 2013-03-11 | 2013-03-11 | Method and system for controlling and managing software |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104050397A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106529216A (en) * | 2016-10-27 | 2017-03-22 | 西安交通大学 | Software authorization system based on public storage platforms and software authorization method |
| CN108764892A (en) * | 2018-05-29 | 2018-11-06 | 广东通莞科技股份有限公司 | A kind of encryption system of mobile payment platform |
| CN111310163A (en) * | 2020-01-20 | 2020-06-19 | 杭州和利时自动化有限公司 | Authorization management method, device and equipment for configuration software and readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030191717A1 (en) * | 1998-06-05 | 2003-10-09 | Johnson Teddy C. | High performance server data delivery system and method |
| CN1527966A (en) * | 2001-03-12 | 2004-09-08 | ض� | Method and apparatus to monitor use of a program |
| CN101814122A (en) * | 2009-12-08 | 2010-08-25 | 北京启扬讯达软件有限公司 | Method and system for monitoring software use authorization information |
-
2013
- 2013-03-11 CN CN201310075584.4A patent/CN104050397A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030191717A1 (en) * | 1998-06-05 | 2003-10-09 | Johnson Teddy C. | High performance server data delivery system and method |
| CN1527966A (en) * | 2001-03-12 | 2004-09-08 | ض� | Method and apparatus to monitor use of a program |
| CN101814122A (en) * | 2009-12-08 | 2010-08-25 | 北京启扬讯达软件有限公司 | Method and system for monitoring software use authorization information |
Non-Patent Citations (2)
| Title |
|---|
| 王庭辉: "软件授权许可系统的分析与研究", 《万方数据 学位论文》 * |
| 赵盛: "基于PKI的软件版权保护系统的设计与实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106529216A (en) * | 2016-10-27 | 2017-03-22 | 西安交通大学 | Software authorization system based on public storage platforms and software authorization method |
| CN106529216B (en) * | 2016-10-27 | 2022-04-22 | 西安交通大学 | Software authorization system and software authorization method based on public storage platform |
| CN108764892A (en) * | 2018-05-29 | 2018-11-06 | 广东通莞科技股份有限公司 | A kind of encryption system of mobile payment platform |
| CN111310163A (en) * | 2020-01-20 | 2020-06-19 | 杭州和利时自动化有限公司 | Authorization management method, device and equipment for configuration software and readable storage medium |
| CN111310163B (en) * | 2020-01-20 | 2022-02-22 | 杭州和利时自动化有限公司 | Authorization management method, device and equipment for configuration software and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1960363B (en) | Method and equipment for implementing remote updating information security devices through network | |
| KR101744748B1 (en) | Contents protection, encryption and decryption apparatus using white-box cryptography | |
| US9197410B2 (en) | Key management system | |
| CN103957109B (en) | A kind of cloud data-privacy protects safe re-encryption method | |
| CN104244026B (en) | A kind of key distribution device in video monitoring system | |
| CN109804374A (en) | Digital Right Management based on block chain | |
| JP2016513383A (en) | Safe streaming method in numerical control manufacturing system and safe numerical control manufacturing system | |
| CN103580855B (en) | Usbkey management method based on sharing technology | |
| CN102427449A (en) | Trusted mobile storage method based on security chips | |
| CN109218291B (en) | Data transfer method, system and related equipment based on block chain | |
| CN103560892A (en) | Secret key generation method and secret key generation device | |
| CN104994068A (en) | Multimedia content protection and safe distribution method in cloud environment | |
| CN103226670B (en) | A kind of document access control system based on access control model | |
| CN103746801A (en) | Method for protecting dynamic password seed key on smart phone or tablet personal computer | |
| WO2013037329A1 (en) | Secure digital content sharing method, device, and system | |
| CN104320426A (en) | Data layering accessing method and system under cloud environment | |
| CN104050397A (en) | Method and system for controlling and managing software | |
| CN111176710B (en) | Operation method of terminal software management system and terminal software management system | |
| CN102427459B (en) | Offline authorization method based on Usbkeys | |
| CN101916346A (en) | Electronic device capable of preventing piracy and anti-piracy method thereof | |
| CN104270380A (en) | End-to-end encryption method and system based on mobile network and communication client side | |
| CN106452752B (en) | Method, system and the client of Modify password, server and smart machine | |
| EP4252386A1 (en) | Scalable key management for encrypting digital rights management authorization tokens | |
| CN107229874B (en) | Method, device and server for realizing VR-Key | |
| US9473471B2 (en) | Method, apparatus and system for performing proxy transformation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| DD01 | Delivery of document by public notice |
Addressee: Hou Xinying Document name: Notification of Publication and of Entering the Substantive Examination Stage of the Application for Invention |
|
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20140917 |
|
| WD01 | Invention patent application deemed withdrawn after publication |