CN108200055B - Software method for protecting intellectual property of embedded product - Google Patents
Software method for protecting intellectual property of embedded product Download PDFInfo
- Publication number
- CN108200055B CN108200055B CN201711486763.1A CN201711486763A CN108200055B CN 108200055 B CN108200055 B CN 108200055B CN 201711486763 A CN201711486763 A CN 201711486763A CN 108200055 B CN108200055 B CN 108200055B
- Authority
- CN
- China
- Prior art keywords
- license
- embedded
- product
- unique identifier
- embedded product
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000009826 distribution Methods 0.000 claims abstract description 51
- 238000013475 authorization Methods 0.000 claims abstract description 37
- 238000012795 verification Methods 0.000 claims abstract description 16
- 230000006855 networking Effects 0.000 claims abstract description 4
- 238000003860 storage Methods 0.000 claims description 12
- 238000004891 communication Methods 0.000 claims description 9
- 238000000034 method Methods 0.000 claims description 9
- 230000007246 mechanism Effects 0.000 claims description 4
- 238000004519 manufacturing process Methods 0.000 abstract description 5
- 238000012544 monitoring process Methods 0.000 abstract description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 238000012423 maintenance Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000002452 interceptive effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/18—Legal services
- G06Q50/184—Intellectual property management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Tourism & Hospitality (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Technology Law (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Marketing (AREA)
- Operations Research (AREA)
- Entrepreneurship & Innovation (AREA)
- Power Engineering (AREA)
- General Health & Medical Sciences (AREA)
- Human Resources & Organizations (AREA)
- Economics (AREA)
- Primary Health Care (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
Abstract
The invention belongs to the technical field of information security, in particular to a software method for protecting embedded intellectual property rights, which first generates licenses in batch and in a centralized way by erecting a license server in a centralized way and then sends the licenses to a license distribution tool, the license is distributed to the embedded product by a license distribution tool, the license distribution tool records the unique identifier of the embedded product and the distributed license, stores the unique identifier and the distributed license in a database, the license information is reported to a license server during networking, the license server records the binding relationship between the license reported by a license distribution tool and the unique identifier of the embedded product, the embedded product judges whether the authorization verification is passed by verifying whether the license information exists and whether the existing license is matched with the unique identifier of the embedded product correctly, and checking whether the unique identifier of the networked embedded product is matched with the license through the license server to enhance intellectual property protection. The invention does not need to use an encryption chip, saves hardware pins, and can carry out centralized production and management, tracing and monitoring on license.
Description
Technical Field
The invention belongs to the technical field of information security, and particularly relates to a software method for protecting embedded intellectual property rights.
Background
In embedded products on the market, software on a storage device can be basically copied and written to another storage device in a binary mode.
In order to protect intellectual property of a product developer and prevent hardware from being copied and copied, original edition software is mainly copied and run by the following method:
(1) the method adopts a mode of encrypting the chip, a product property right party or an authorized manufacturer firstly writes the encrypting chip before the product is produced, different License is written in each encrypting chip, the encrypting chip is welded on the product during the product production, and whether the encrypting chip can be correctly read and whether the product contains the correct License is judged when the product is started.
(2) By adopting a software method, the unique identifier of the embedded product is read when the embedded product is started, the License server generates License according to the unique identifier, and the License is written into the storage equipment of the embedded product in a serial port or network mode.
The protection mode of the encryption chip has natural limitation, high hardware cost, occupation of precious hardware pin resources, low efficiency, easy error, difficult realization of copy prevention, difficult maintenance and the like.
In the software protection method, the license needs to be generated for each embedded product separately, and a lot of time is consumed to write the license into the embedded product, and in the case that the license is written by a plurality of workstations or a plurality of factories, the license is difficult to realize centralized management.
Disclosure of Invention
The invention mainly aims to provide an efficient and convenient software method for realizing the protection of embedded intellectual property rights and the centralized management of license.
In order to achieve the purpose, the technical scheme of the invention is as follows: a software method for protecting intellectual property of embedded products is provided, which comprises the following steps:
the method comprises the following steps: the license server is utilized to intensively generate licenses in batch;
step two: the license server carries out network communication with a license distribution tool running on a plurality of places and a plurality of terminals and issues the license to the license distribution tool;
step three: the license distribution tool distributes the licenses to the embedded products which do not obtain the licenses;
step four: the license distribution tool records the unique identifier of the embedded product and the distributed license, stores the unique identifier and the distributed license in the database, reports the unique identifier and the distributed license to the license server during networking, and the license server records the binding relationship between the license reported by the license distribution tool and the unique identifier of the embedded product;
step five: after the embedded product is started, reading license information from a designated area of the storage device, and verifying whether the license is correct or not;
step six: if the license in the step five is correct, the embedded product continuously verifies whether the license is matched with the unique identifier of the embedded product, and if the license in the step five is incorrect or the license is not matched with the unique identifier of the embedded product, the product authorization verification is not passed; and if the license in the step five is matched with the unique identifier of the embedded product, the product is authenticated to pass.
Preferably, the license server centrally manages factory and user data for producing the embedded product, the number of licenses allowed to be downloaded by each factory and user, and history.
Preferably, when the number of licenses on the license distribution tool in the step three is not enough, the login license server applies to download a certain number of licenses to the local database.
Preferably, when the license information does not exist in the specified area of the embedded product storage device in the step five, the license distribution tool in the network is requested to continue to execute the step six.
Preferably, the license server, the license distribution tool and the embedded product are communicated through a network, and an encryption mechanism is arranged in a communication protocol.
Preferably, after the embedded product is networked, the embedded product does not report to the license server periodically, the license server checks the unique identifier of the embedded product and the license, and if the unique identifier of the embedded product does not match with the license, the embedded product is indicated to be not authorized, and the protection is enhanced.
The invention has the beneficial effects that: the method does not need to use an encryption chip, saves hardware pins, realizes the operation validity check of the embedded product only by using a software method, does not need to provide an embedded product identifier in advance when producing the license, can carry out centralized production and management on the license, and carries out tracing and monitoring, thereby effectively reducing the product cost, reducing the production tools, improving the production efficiency and enhancing the safety of intellectual property protection.
Drawings
Fig. 1 is a flow chart of the software method for intellectual property protection of embedded products of the present invention.
Fig. 2 is a flowchart of checking license of the embedded product in the invention.
Figure 3 is a flow diagram of the License distribution facility initiation authorization check of the present invention.
Figure 4 is a flowchart of the License distribution tool distributing License in the present invention.
Fig. 5 is a flow chart of License application message interaction between the License distribution tool and the License server in the invention.
Detailed Description
The invention will be described in more detail below with reference to the accompanying drawings:
referring to fig. 1, the present invention provides a software method for protecting intellectual property of an embedded product, comprising the following steps:
the method comprises the following steps: the license server is utilized to intensively generate licenses in batch;
step two: the license server carries out network communication with the license distribution tool and issues the license to the license distribution tool;
step three: the license distribution tool distributes the licenses to the embedded products which do not obtain the licenses;
step four: the license distribution tool records the unique identifier of the embedded product and the distributed license, stores the unique identifier and the distributed license in the database, reports the unique identifier and the distributed license to the license server during networking, and the license server records the binding relationship between the license reported by the license distribution tool and the unique identifier of the embedded product;
step five: reading license information from an appointed area of the embedded product storage equipment, and verifying whether the license exists or not; when the license information does not exist in the appointed area of the embedded product storage equipment, requesting a license to a license distribution tool in the network;
step six: if the license in the step five is correct, continuously verifying whether the license is matched with the unique identifier of the embedded product, and if the license in the step five is incorrect or the license is not matched with the unique identifier of the embedded product, indicating that the product authorization verification fails; and if the license in the step five is matched with the unique identifier of the embedded product, the product is authenticated to pass.
The license server performs centralized management on factory and user data for producing the embedded product, the number of licenses allowed to be downloaded by each factory and user and historical records.
And in the third step, when the number of licenses on the license distribution tool is not enough, the login license server applies for downloading a certain number of licenses to the local database.
And step five, when the appointed area of the embedded product storage device does not have license information, requesting the license distribution tool in the network to continue to execute step six.
The license server, the license distribution tool and the embedded product are communicated through a network, and an encryption mechanism is arranged in a communication protocol.
As a standby mechanism, after the embedded product is networked, the embedded product reports to the license server irregularly, the license server checks whether the unique identifier of the embedded product is matched with the license, and if the unique identifier of the embedded product is not matched with the license, the product authorization verification is not passed; and if the unique identifier of the embedded product is matched with the license, the product is authenticated and verified.
Because the License server is in network communication with the plurality of License distribution tools, the License server can distribute different licenses to the plurality of License distribution tools, when the number of licenses on the plurality of License distribution tools is not enough, the License server can simultaneously apply for downloading to the License server, each License distribution tool is in network communication with the plurality of embedded products, the authorization verification of the plurality of embedded products can be simultaneously carried out, and the verification efficiency is greatly improved.
Referring to fig. 2-4, the method of the present invention is mainly completed by cooperation of a license server, a management tool, a license distribution tool, and a license verification and maintenance algorithm on an embedded product.
Referring to fig. 2, step five and step six in the software method for protecting intellectual property rights of an embedded product are links in an embedded product license check flow, and the embedded product license check flow is intended to verify whether the authorization information of the embedded product passes or not, and specifically includes the following steps:
step 2.1: generating a product unique identifier according to a certain algorithm;
step 2.2: reading authorization information from a designated address of a storage device;
step 2.3: verifying whether the authorization information exists;
step 2.4: if the authorization information does not exist, requesting the license to the license distribution tool in the network, receiving the license issued by the license distribution tool, writing the license into the specified address of the storage device, and then executing the step 2.3 again; if the authorization information exists, verifying whether the authorization information is correct;
step 2.5: if the verification authorization information is incorrect, the sound/light prompts that the product authorization verification is not passed; if the authorization information is verified to be correct, continuously verifying whether the authorization information is matched with the unique product identifier;
step 2.6: if the verification authorization information is not matched with the unique product identifier, the product authorization verification is not passed through the sound/light prompt; if the verification authorization information is matched with the unique product identifier, the sound/light prompts that the product authorization passes verification and the product normally runs.
Referring to fig. 3, the specific steps of the process for initiating the authorization check by the license distribution tool are as follows:
step 3.1: generating a product unique identifier according to a certain algorithm;
step 3.2: reading authorization information from a specified directory;
step 3.3: verifying whether the authorization information exists;
step 3.4: if the authorization information does not exist, license authorization service is not started; if the authorization information exists, verifying whether the decoded authorization information is matched with the unique identifier of the computer;
step 3.5: if the authorization information is matched with the unique identifier of the computer after being decoded, license authorization service is started; if the authorization information is not matched with the unique identifier of the computer after being decoded, license authorization service is not started;
step 3.6: and after the authorization information is decoded, the authorization information is matched with the unique identifier of the computer, and after license authorization service is started, a network request of the embedded product is waited, and the license is distributed.
Referring to fig. 4, the task of assigning the license in step 3.6 is performed by the license assignment tool, which includes the following specific steps:
step 4.1: running an authorization check;
step 4.2: waiting for a network request of the embedded product;
step 4.3: receiving an embedded product network request license;
step 4.4: verifying whether the embedded product has been distributed with license;
step 4.5: if the license has already been distributed to the embedded product, reading the license from the history record; if the license is not distributed to the embedded product, distributing a license from the available license database, binding the license and the unique identifier of the embedded product, and writing the license and the unique identifier of the embedded product into the database;
step 4.6: sending a network message response to the embedded product;
step 4.7: and updating the current license distribution condition on the software interface in real time, and updating the number of available licenses.
Please refer to fig. 5, a license server and a license distribution tool perform license message interactive communication via a network, the license distribution tool establishes TCP connection with the license server, the license distribution tool sends a login request to the license server via a user name/encrypted authentication information and a host unique identifier, the license server checks the login information after receiving the login request, if the login information is wrong, the license distribution tool responds the wrong login information to the license distribution tool, the license distribution tool corrects the login information to carry SESSIONID to request to obtain user license information, the license server responds the obtained license information of the login user to the license distribution tool, where the license distribution tool displays the license information of the login user after receiving the license information: user name, factory name, allowed number, allocated number, residual number, local residual license number, and real-time display of current allocation condition.
When the License distribution tool requests a certain number of licenses, request information carrying the SESSIONID is sent to a License server, the License server performs SESSIONID matching, user information is searched, the licenses are generated and written into a database, an encrypted compressed file is generated, a history file is updated, a user operation record is updated, and a file name/decompressed password/verification information is carried to be responded to the License distribution tool. Because the license server stores and records license information, the protection of intellectual property of the embedded product is traceable and monitorable, and the effectiveness and the safety are higher.
The above-mentioned embodiments are only preferred embodiments of the present invention, and all equivalent changes and modifications made within the scope of the claims of the present invention should be covered by the claims of the present invention.
Claims (6)
1. A software method for protecting intellectual property of embedded products is characterized by comprising the following steps:
the method comprises the following steps: the license server is utilized to intensively generate licenses in batch;
step two: the license server carries out network communication with a license distribution tool running on a plurality of places and a plurality of terminals and issues the license to the license distribution tool;
step three: the license distribution tool distributes the licenses to the embedded products which do not obtain the licenses;
step four: the license distribution tool records the unique identifier of the embedded product and the distributed license, stores the unique identifier and the distributed license in the database, reports the unique identifier and the distributed license to the license server during networking, and the license server records the binding relationship between the license reported by the license distribution tool and the unique identifier of the embedded product;
step five: after the embedded product is started, reading license information from a designated area of the storage device, and verifying whether the license is correct or not;
step six: if the license in the step five is correct, the embedded product continuously verifies whether the license is matched with the unique identifier of the embedded product, and if the license in the step five is incorrect or the license is not matched with the unique identifier of the embedded product, the product authorization verification is not passed; and if the license in the step five is matched with the unique identifier of the embedded product, the product is authenticated to pass.
2. The software method for intellectual property protection of embedded products according to claim 1, wherein the license server centrally manages factory and user data for producing embedded products, the number of licenses allowed to be downloaded per factory and user, and history.
3. The software method for intellectual property protection of embedded products according to claim 1, wherein the license server is logged in to download a license of a predetermined amount to the local database when the number of licenses on the license distribution tool is not enough in step three.
4. The software method for intellectual property protection of embedded products according to claim 1, wherein when the area specified by the storage device of the embedded product in the step five has no license information, the license distribution tool in the network is requested to request the license to continue to execute the step six.
5. The software method for intellectual property protection of embedded products according to claim 1, wherein the license server, the license distribution tool and the embedded products communicate with each other through a network, and a communication protocol is provided with an encryption mechanism.
6. The software method for intellectual property protection of embedded products according to claim 1, further comprising the steps of: after the embedded product is networked, the embedded product reports to the license server irregularly, the license server checks whether the unique identifier of the embedded product is matched with the license, and if the unique identifier of the embedded product is not matched with the license, the product authorization verification is not passed; and if the unique identifier of the embedded product is matched with the license, the product is authenticated and verified.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711486763.1A CN108200055B (en) | 2017-12-29 | 2017-12-29 | Software method for protecting intellectual property of embedded product |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711486763.1A CN108200055B (en) | 2017-12-29 | 2017-12-29 | Software method for protecting intellectual property of embedded product |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108200055A CN108200055A (en) | 2018-06-22 |
CN108200055B true CN108200055B (en) | 2020-10-27 |
Family
ID=62587049
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711486763.1A Active CN108200055B (en) | 2017-12-29 | 2017-12-29 | Software method for protecting intellectual property of embedded product |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108200055B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109150834A (en) * | 2018-07-20 | 2019-01-04 | 武汉虹信通信技术有限责任公司 | A kind of embedded device license authorization management method |
CN109086575A (en) * | 2018-07-26 | 2018-12-25 | 郑州云海信息技术有限公司 | A kind of authorization method and system of software license |
CN110942122B (en) * | 2019-11-30 | 2022-05-13 | 航天科技控股集团股份有限公司 | Product information binding method |
CN114448986B (en) * | 2022-01-04 | 2024-03-01 | 上海弘积信息科技有限公司 | License control method based on MC centralized management system |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101055608A (en) * | 2006-04-14 | 2007-10-17 | 陆明 | Digital copyright management and protection method |
CN101316167A (en) * | 2008-07-04 | 2008-12-03 | 宇龙计算机通信科技(深圳)有限公司 | Registration and login method of safety authentication, system and mobile terminal |
CN101373504A (en) * | 2008-08-04 | 2009-02-25 | 北京大学 | Management method and system for downloading digital content |
CN103152344A (en) * | 2013-03-06 | 2013-06-12 | 广东数字证书认证中心有限公司 | Digital-certificate-based cryptographic operation method and device |
CN105224832A (en) * | 2015-10-16 | 2016-01-06 | 浪潮电子信息产业股份有限公司 | License authorization centralized management method |
CN105512519A (en) * | 2015-11-30 | 2016-04-20 | 北大方正集团有限公司 | Digital resource copyright protection method, opening method and device, and hardware storage device |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10565388B2 (en) * | 2009-06-26 | 2020-02-18 | Disney Enterprises, Inc. | Method and system for providing digital media rental |
-
2017
- 2017-12-29 CN CN201711486763.1A patent/CN108200055B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101055608A (en) * | 2006-04-14 | 2007-10-17 | 陆明 | Digital copyright management and protection method |
CN101316167A (en) * | 2008-07-04 | 2008-12-03 | 宇龙计算机通信科技(深圳)有限公司 | Registration and login method of safety authentication, system and mobile terminal |
CN101373504A (en) * | 2008-08-04 | 2009-02-25 | 北京大学 | Management method and system for downloading digital content |
CN103152344A (en) * | 2013-03-06 | 2013-06-12 | 广东数字证书认证中心有限公司 | Digital-certificate-based cryptographic operation method and device |
CN105224832A (en) * | 2015-10-16 | 2016-01-06 | 浪潮电子信息产业股份有限公司 | License authorization centralized management method |
CN105512519A (en) * | 2015-11-30 | 2016-04-20 | 北大方正集团有限公司 | Digital resource copyright protection method, opening method and device, and hardware storage device |
Also Published As
Publication number | Publication date |
---|---|
CN108200055A (en) | 2018-06-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108200055B (en) | Software method for protecting intellectual property of embedded product | |
CN110784491B (en) | Internet of things safety management system | |
US6918038B1 (en) | System and method for installing an auditable secure network | |
CN108376211B (en) | Software authorization management method, server and system | |
CN103685138A (en) | Method and system for authenticating application software of Android platform on mobile internet | |
CN107508791B (en) | Terminal identity verification method and system based on distributed key encryption | |
WO2001059973A2 (en) | System and method for installing an auditable secure network | |
CN1409836A (en) | Computer system for application by accreditation access | |
CN103888252A (en) | UID, PID, and APPID-based control application access permission method | |
US20120210436A1 (en) | System and method for fingerprinting in a cloud-computing environment | |
CN104484620A (en) | Method for avoiding false declaration of sales volume and inventory in fast-selling sales management cloud system | |
CN111489164A (en) | Electric power transaction method and device based on Internet of things identification and block chain and electronic equipment | |
CN108400875A (en) | Authorization and authentication method, system, electronic equipment, storage medium based on key assignments | |
CN103592927A (en) | Method for binding product server and service function through license | |
CN112583594B (en) | Data processing method, acquisition device, gateway, trusted platform and storage medium | |
CN110266653A (en) | A kind of method for authenticating, system and terminal device | |
CN102752308A (en) | Network-based digital certificate comprehensive service providing system and implementation method thereof | |
CN104680040A (en) | Software loading number and activation control method and system | |
CN108769004B (en) | Remote operation safety verification method for industrial internet intelligent equipment | |
CN115021995B (en) | Multi-channel login method, device, equipment and storage medium | |
CN113051585B (en) | Data verification method and device, electronic equipment and storage medium | |
CN111523128B (en) | Information protection method, system, electronic equipment and medium | |
CN110808943B (en) | Client connection emergency management method, client and computer readable storage medium | |
CN110647726A (en) | Multi-model authorization permission framework and method based on cloud mode | |
AU776222B2 (en) | System and method for installing an auditable secure network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |