CN105426704A - Network communication based method for realizing computer software protection - Google Patents

Network communication based method for realizing computer software protection Download PDF

Info

Publication number
CN105426704A
CN105426704A CN201510736569.9A CN201510736569A CN105426704A CN 105426704 A CN105426704 A CN 105426704A CN 201510736569 A CN201510736569 A CN 201510736569A CN 105426704 A CN105426704 A CN 105426704A
Authority
CN
China
Prior art keywords
intelligent key
software
key apparatus
address
timing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510736569.9A
Other languages
Chinese (zh)
Other versions
CN105426704B (en
Inventor
王向伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Foshan Electronic Government Science And Technology Co Ltd
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN201510736569.9A priority Critical patent/CN105426704B/en
Publication of CN105426704A publication Critical patent/CN105426704A/en
Application granted granted Critical
Publication of CN105426704B publication Critical patent/CN105426704B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/123Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1015Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to users
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Radar, Positioning & Navigation (AREA)
  • Remote Sensing (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a network communication based method for realizing computer software protection. The method comprises the steps that a first intelligent key apparatus is connected to a server computer, and a second intelligent key apparatus is connected to a client computer; the client computer starts software installed in the client computer, then the software detects whether the second intelligent key apparatus is pulled out or not, and if the second intelligent key apparatus is pulled out, the running of the software is directly ended; if the second intelligent key apparatus is not pulled out, the software sends an IP address acquisition request to the server computer, and a timing program in the software starts timing; and the server computer analyzes the IP address acquisition request to obtain an IP address of the client computer and transmits the IP address to the first intelligent key apparatus, and the first intelligent key apparatus encrypts the IP address and sends the encrypted IP address to the client computer. According to the method, the security of client software is greatly improved.

Description

A kind of communication Network Based realizes the method for protecting computer software
Technical field
The present invention relates to a kind of method for protecting computer software, be specifically related to a kind of method that communication Network Based realizes protecting computer software.
Background technology
Key is a kind of parameter, and it is expressly being converted to ciphertext or ciphertext is being converted to the parameter inputted in algorithm expressly.Key is divided into symmetric key and unsymmetrical key.Intelligent key apparatus is a kind of small hardware device with processor and storer, and it can be connected with computing machine by the data communication interface of computing machine.It has secret generating function, and can safe storage key, install beforehand cryptographic algorithm function.The intelligent key apparatus computing relevant to key is completely at device internal operation, and intelligent key apparatus has the characteristic of attack resistance, and security is high.USBKey is a kind of intelligent key apparatus of USB interface, and its built-in single-chip microcomputer or intelligent card chip can store key or the digital certificate of user.In today that Information technology is day by day flourishing, more and more comprise data message to run in a computer with the software relating to individual privacy and secret of the trade, and the software run in computing machine or software itself are easily artificially illegally distorted or the bootlegging because of piracy, bring huge economic loss to software users or developer, also make further work proceed simultaneously.
In practical application, deposit the software run in a computer to bind with the intelligent key apparatus being connected to computing machine, to improve the security of the software run in computing machine, but, some softwares containing high security information can only allow to run in the computing machine in certain computer or particular range at present, if illegal use person obtains the intelligent key apparatus of software and software binding by improper means, then can use security software on other computing machine, bring massive losses to software users and security information.
So the patent No. is: 200910083315.6, denomination of invention is: a kind of method for protecting computer software, the patent of invention of Authorization Notice No.: CN101539977B proposes a kind of concrete solution, achieve client computer software calculates IP address binding by LAN services end computing machine residing for it and client, institute's protection software can only be run in the client computer within the scope of the legitimate ip address list of this IP address or some, leave this client computer then can not run, improve the security of client software, the transmission of IP address simultaneously needs the encryption of intelligent key apparatus, further increase software and crack difficulty.
But; because protected computer software can run within the scope of the legitimate ip address list of some; if so oneself carrying notebook computer of illegal use person, notebook computer is accessed within the scope of legal IP address list, so just can copy and run this computer software.For this defect, be necessary research further thus find safer method for protecting computer software.
Summary of the invention
The object of the present invention is to provide a kind of communication Network Based to realize the method for protecting computer software, the method is mainly for solving above defect.
In order to realize above object, the technical solution adopted in the present invention is: a kind of communication Network Based realizes the method for protecting computer software, said method comprising the steps of:
Steps A: the first intelligent key apparatus is connected to server computer, the second intelligent key apparatus is connected to client computer;
Step B: described client computer starts its inner software installed, and then, whether described software detection second intelligent key apparatus is pulled out, if be pulled out, then software directly terminates to run; If be not pulled out, then described software sends and obtains IP Address requests to described server computer, and the timing program of described software inhouse starts timing simultaneously;
Step C: obtain IP Address requests described in described server computer analysis, obtain described client computer IP address, pass to described first intelligent key apparatus, described first intelligent key apparatus is encrypted described IP address and is sent to described client computer;
Step D: described client computer receives the IP address of described encryption, pass to described second intelligent key apparatus, after described second intelligent key apparatus deciphers the IP address of described encryption, more described IP address and the preset legitimate ip address list of the second intelligent key apparatus, if described IP address is within the scope of described legitimate ip address list, then described IP address is legal, and described second intelligent key apparatus can be used; Otherwise described IP address is illegal, described second intelligent key apparatus is unavailable, and software terminates to run;
Step e: when the timing program timing of described software inhouse is to X second, whether described software detection second intelligent key apparatus is pulled out, if be pulled out, then EOP (end of program) is run, otherwise program continues to run and whether described software detects the second intelligent key apparatus be pulled out always;
Step F: be pulled out once detect, recording this time of extracting moment timing program timing is m second; Program continues to run timing program simultaneously and resets and restart timing; If when the timing program timing of described software inhouse is to Y second, if the second intelligent key apparatus is pulled out not yet, then EOP (end of program) is run;
Step G: when the timing program timing of described software inhouse is to X second, whether described software detection second intelligent key apparatus connects client computer, if connected, then EOP (end of program) is run, otherwise program continues to run and whether described software detects the second intelligent key apparatus access always;
Step H: be access in once detect, the time of recording the timing program timing of this access moment is n second; Program continues to run timing program simultaneously and resets and stop timing; If when the timing program timing of described software inhouse is to Z second, the second intelligent key apparatus accesses not yet, then EOP (end of program) is run;
Wherein, 3≤X≤5,20 >=Y >=15,20 >=Z >=15;
Step I: described software adopts second secret key encryption m, n numerical value in the second intelligent key apparatus, then numerical value whether correct verification request is sent to server computer, described server computer receives numerical value whether correct verification request, after described first intelligent key apparatus first secret key decryption, m, n and the numerical range that stores in advance are compared, if 6≤m≤12 and 6≤n≤15; Then server computer sends to client computer the order that described software can normally run, otherwise described software terminates the order run.
Further, also communication key is comprised in described acquisition IP Address requests, then before described server computer analyzes described IP Address requests, also comprise: communication key described in described client computer stochastic generation is also stored in the second intelligent key apparatus, the acquisition IP Address requests comprising communication key described in the second secret key encryption in described second intelligent key apparatus sends server computer; Described server computer receives the acquisition IP Address requests comprising communication key of described encryption, after described first intelligent key apparatus first secret key decryption, stores described communication key in the first intelligent key apparatus.
Compared with prior art, the invention has the advantages that: even if software of the present invention is copied to the notebook computer carried by illegal use person, the notebook computer carried accesses within the scope of legal IP address list still cannot use software of the present invention, reason is that software of the present invention achieves encipherment protection by the access of detection second intelligent key apparatus and the time of extracting, that is after the second intelligent key apparatus access client computer, a period of time (such as 4s) must extract, extract a period of time (such as 6s) must again access, only having operator to be aware of this time password just can make software normally run, otherwise software can terminate to run automatically.
Accompanying drawing explanation
Fig. 1 is the block diagram of one embodiment of the invention.
Embodiment
Below in conjunction with accompanying drawing, invention is described in further detail.
The content that steps A of the present invention, step B, step C, step D do not describe in detail refers to the patent document that background technology part is mentioned.
Embodiment: communication Network Based realizes the method for protecting computer software, said method comprising the steps of:
Steps A: the first intelligent key apparatus is connected to server computer, the second intelligent key apparatus is connected to client computer;
Step B: described client computer starts its inner software installed, and then, whether described software detection second intelligent key apparatus is pulled out, if be pulled out, then software directly terminates to run; If be not pulled out, then described software sends and obtains IP Address requests to described server computer, and the timing program of described software inhouse starts timing simultaneously;
Step C: obtain IP Address requests described in described server computer analysis, obtain described client computer IP address, pass to described first intelligent key apparatus, described first intelligent key apparatus is encrypted described IP address and is sent to described client computer;
Step D: described client computer receives the IP address of described encryption, pass to described second intelligent key apparatus, after described second intelligent key apparatus deciphers the IP address of described encryption, more described IP address and the preset legitimate ip address list of the second intelligent key apparatus, if described IP address is within the scope of described legitimate ip address list, then described IP address is legal, and described second intelligent key apparatus can be used; Otherwise described IP address is illegal, described second intelligent key apparatus is unavailable, and software terminates to run;
Step e: when the timing program timing of described software inhouse was by 3 seconds, whether described software detection second intelligent key apparatus is pulled out, if be pulled out, then EOP (end of program) is run, otherwise program continues to run and whether described software detects the second intelligent key apparatus be pulled out always;
Step F: be pulled out once detect, recording this time of extracting moment timing program timing is m second; Program continues to run timing program simultaneously and resets and restart timing; If when the timing program timing of described software inhouse was by 15 seconds, if the second intelligent key apparatus is pulled out not yet, then EOP (end of program) is run;
Step G: when the timing program timing of described software inhouse was by 3 seconds, whether described software detection second intelligent key apparatus connects client computer, if connected, then EOP (end of program) is run, otherwise program continues to run and whether described software detects the second intelligent key apparatus access always;
Step H: be access in once detect, the time of recording the timing program timing of this access moment is n second; Program continues to run timing program simultaneously and resets and stop timing; If when the timing program timing of described software inhouse was by 15 seconds, the second intelligent key apparatus accesses not yet, then EOP (end of program) is run;
Step I: server computer judges the size of m, n, if 6≤m≤9 and 6≤n≤8, then program continues to run, otherwise program directly terminates to run.
Be described below in conjunction with the principle of work of embodiment to the inventive method: the corresponding software algorithm of step e, step F is that, if between 6s≤m≤9s, the second intelligent key apparatus is pulled out, then software normally runs, otherwise software terminates to run; The software algorithm that step G, step H are corresponding is, if the second intelligent key apparatus is pulled out, if must again access in the 6s≤n after so extracting≤8s, otherwise program can terminate to run.
Then, client computer sends the request of checking m, n numerical value whether within the scope of permissible level to server computer, and the result is sent to client computer by server computer.
The in fact corresponding a kind of password of step e, F, G, H, only have operator extract in correct time range and access the second intelligent key apparatus, software just can normally run, otherwise software directly terminates to run.

Claims (2)

1. communication Network Based realizes a method for protecting computer software, it is characterized in that, said method comprising the steps of:
Steps A: the first intelligent key apparatus is connected to server computer, the second intelligent key apparatus is connected to client computer;
Step B: described client computer starts its inner software installed, and then, whether described software detection second intelligent key apparatus is pulled out, if be pulled out, then software directly terminates to run; If be not pulled out,
Described software sends obtaining communication key request to described server computer; Described server computer stochastic generation communication key is stored in the first intelligent key apparatus, and sends client computer after the first secret key encryption of the first intelligent key apparatus; Described client computer receives the communication key after described encryption, after the second secret key decryption of described second intelligent key apparatus, be stored in the second intelligent key apparatus; Then, described software sends and obtains IP Address requests to described server computer, and the timing program of described software inhouse starts timing simultaneously;
Step C: obtain IP Address requests described in described server computer analysis, obtain described client computer IP address, pass to described first intelligent key apparatus, described first intelligent key apparatus is encrypted described IP address and is sent to described client computer;
Step D: described client computer receives the IP address of described encryption, pass to described second intelligent key apparatus, after described second intelligent key apparatus deciphers the IP address of described encryption, more described IP address and the preset legitimate ip address list of the second intelligent key apparatus, if described IP address is within the scope of described legitimate ip address list, then described IP address is legal, and described second intelligent key apparatus can be used; Otherwise described IP address is illegal, described second intelligent key apparatus is unavailable, and software terminates to run;
Step e: when the timing program timing of described software inhouse is to X second, whether described software detection second intelligent key apparatus is pulled out, if be pulled out, then EOP (end of program) is run, otherwise program continues to run and whether described software detects the second intelligent key apparatus be pulled out always;
Step F: be pulled out once detect, recording this time of extracting moment timing program timing is m second; Program continues to run timing program simultaneously and resets and restart timing; If when the timing program timing of described software inhouse is to Y second, the second intelligent key apparatus is pulled out not yet, then EOP (end of program) is run;
Step G: when the timing program timing of described software inhouse is to X second, whether described software detection second intelligent key apparatus connects client computer, if connected, then EOP (end of program) is run, otherwise program continues to run and whether described software detects the second intelligent key apparatus access always;
Step H: be access in once detect, the time of recording the timing program timing of this access moment is n second; Program continues to run timing program simultaneously and resets and stop timing; If when the timing program timing of described software inhouse is to Z second, the second intelligent key apparatus accesses not yet, then EOP (end of program) is run;
Wherein, 3≤X≤5,20 >=Y >=15,20 >=Z >=15;
Step I: described software adopts second secret key encryption m, n numerical value in the second intelligent key apparatus, then numerical value whether correct verification request is sent to server computer, described server computer receives numerical value whether correct verification request, after described first intelligent key apparatus first secret key decryption, m, n and the numerical range that stores in advance are compared, if 6≤m≤12 and 6≤n≤15; Then server computer sends to client computer the order that described software can normally run, otherwise described software terminates the order run.
2. a kind of communication Network Based according to claim 1 realizes the method for protecting computer software, it is characterized in that, also communication key is comprised in described acquisition IP Address requests, then before described server computer analyzes described IP Address requests, also comprise: communication key described in described client computer stochastic generation is also stored in the second intelligent key apparatus, the acquisition IP Address requests comprising communication key described in the second secret key encryption in described second intelligent key apparatus sends server computer; Described server computer receives the acquisition IP Address requests comprising communication key of described encryption, after described first intelligent key apparatus first secret key decryption, stores described communication key in the first intelligent key apparatus.
CN201510736569.9A 2015-11-01 2015-11-01 A kind of method that protecting computer software is realized based on network service Active CN105426704B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510736569.9A CN105426704B (en) 2015-11-01 2015-11-01 A kind of method that protecting computer software is realized based on network service

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510736569.9A CN105426704B (en) 2015-11-01 2015-11-01 A kind of method that protecting computer software is realized based on network service

Publications (2)

Publication Number Publication Date
CN105426704A true CN105426704A (en) 2016-03-23
CN105426704B CN105426704B (en) 2018-05-01

Family

ID=55504912

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510736569.9A Active CN105426704B (en) 2015-11-01 2015-11-01 A kind of method that protecting computer software is realized based on network service

Country Status (1)

Country Link
CN (1) CN105426704B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115348113A (en) * 2022-10-18 2022-11-15 安徽华云安科技有限公司 Man-in-the-middle attack resisting method

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101539977A (en) * 2009-04-29 2009-09-23 北京飞天诚信科技有限公司 Method for protecting computer software
CN101539978A (en) * 2009-04-29 2009-09-23 北京飞天诚信科技有限公司 Software protection method based on space
CN101894223A (en) * 2009-05-20 2010-11-24 鸿富锦精密工业(深圳)有限公司 Password protection method and system
CN102170348A (en) * 2010-11-08 2011-08-31 无敌科技(西安)有限公司 Method for achieving encryption and decryption of data through recording user input speed
CN102592088A (en) * 2011-12-28 2012-07-18 广东欧珀移动通信有限公司 Password setting and verifying method
CN102663311A (en) * 2012-03-31 2012-09-12 惠州Tcl移动通信有限公司 Method for releasing screen locking and device thereof
CN102830905A (en) * 2012-07-02 2012-12-19 人民搜索网络股份公司 Device and method for unlocking touch screen equipment based on clicking force

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101539977A (en) * 2009-04-29 2009-09-23 北京飞天诚信科技有限公司 Method for protecting computer software
CN101539978A (en) * 2009-04-29 2009-09-23 北京飞天诚信科技有限公司 Software protection method based on space
CN101894223A (en) * 2009-05-20 2010-11-24 鸿富锦精密工业(深圳)有限公司 Password protection method and system
CN102170348A (en) * 2010-11-08 2011-08-31 无敌科技(西安)有限公司 Method for achieving encryption and decryption of data through recording user input speed
CN102592088A (en) * 2011-12-28 2012-07-18 广东欧珀移动通信有限公司 Password setting and verifying method
CN102663311A (en) * 2012-03-31 2012-09-12 惠州Tcl移动通信有限公司 Method for releasing screen locking and device thereof
CN102830905A (en) * 2012-07-02 2012-12-19 人民搜索网络股份公司 Device and method for unlocking touch screen equipment based on clicking force

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115348113A (en) * 2022-10-18 2022-11-15 安徽华云安科技有限公司 Man-in-the-middle attack resisting method
CN115348113B (en) * 2022-10-18 2022-12-23 安徽华云安科技有限公司 Man-in-the-middle attack resisting method

Also Published As

Publication number Publication date
CN105426704B (en) 2018-05-01

Similar Documents

Publication Publication Date Title
JP6941146B2 (en) Data security service
TWI587672B (en) Login authentication method, client, server and system
CN101005361B (en) Server and software protection method and system
CN113221128B (en) Account and password storage method and registration management system
CN104361267A (en) Software authorization and protection device and method based on asymmetric cryptographic algorithm
CN101695038A (en) Method and device for detecting SSL enciphered data safety
CA2899027A1 (en) Data security service
CN105740725A (en) File protection method and system
US11706022B1 (en) Method for trusted data decryption based on privacy-preserving computation
CN110955918A (en) Contract text protection method based on RSA encrypted sha-256 digital signature
CN105099705A (en) Safety communication method and system based on USB protocol
CN103701787A (en) User name password authentication method implemented on basis of public key algorithm
CN111510442A (en) User verification method and device, electronic equipment and storage medium
CN110891065A (en) Token-based user identity auxiliary encryption method
CN101309147A (en) Identity authentication method based on image password
CN105426704A (en) Network communication based method for realizing computer software protection
CN105071993A (en) Encryption state detection method and system
CN104009851A (en) One-time pad bidirectional authentication safe logging technology for internet bank
CN108270719A (en) A kind of data safe transmission method and device based on digital signature
CN108323231B (en) Method for transmitting key, receiving terminal and distributing terminal
Zou et al. A cloud based SIM DRM scheme for the mobile internet
Lin Survey on cloud based mobile security and a new framework for improvement
CN105227562A (en) The key business data transmission mediation device of identity-based checking and using method thereof
CN105354447A (en) Method for implementing protection of software based on network communication
CN108959859A (en) Computer software protection method suitable for network communication

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Li Jiancheng

Inventor after: Xiao Bohan

Inventor after: Zhu Shaohua

Inventor after: Huang Dongxu

Inventor after: Hu Xiaofan

Inventor after: Sheng Chuanshen

Inventor after: Huang Zheyan

Inventor after: Pan Jianhao

Inventor after: Zou Zhendong

Inventor after: Cai Xiaorui

Inventor before: Wang Xiangwei

TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20180408

Address after: Chancheng District of Guangdong city in Foshan province 528000 Jihua five road No. 22 building 15 layer Ji Hua

Applicant after: Foshan electronic government science and Technology Co., Ltd.

Address before: 232038 Anhui Province, Huainan city tianjia'an district Mountain West Education College of Huainan Normal University

Applicant before: Wang Xiangwei

GR01 Patent grant
GR01 Patent grant