CN109241705A - A kind of software authorization method and system - Google Patents
A kind of software authorization method and system Download PDFInfo
- Publication number
- CN109241705A CN109241705A CN201810997141.3A CN201810997141A CN109241705A CN 109241705 A CN109241705 A CN 109241705A CN 201810997141 A CN201810997141 A CN 201810997141A CN 109241705 A CN109241705 A CN 109241705A
- Authority
- CN
- China
- Prior art keywords
- software
- authorized client
- authorization
- service end
- license
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 59
- 238000013475 authorization Methods 0.000 claims abstract description 103
- 230000004044 response Effects 0.000 claims description 6
- 238000012545 processing Methods 0.000 claims description 5
- 238000001514 detection method Methods 0.000 claims description 3
- 230000000737 periodic effect Effects 0.000 claims description 2
- 230000000694 effects Effects 0.000 claims 1
- 239000004744 fabric Substances 0.000 claims 1
- 230000006870 function Effects 0.000 description 16
- 230000008569 process Effects 0.000 description 10
- 238000010586 diagram Methods 0.000 description 4
- 230000002452 interceptive effect Effects 0.000 description 4
- 239000000047 product Substances 0.000 description 4
- 238000001914 filtration Methods 0.000 description 3
- 239000003795 chemical substances by application Substances 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012356 Product development Methods 0.000 description 1
- 230000006978 adaptation Effects 0.000 description 1
- 230000003044 adaptive effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000006227 byproduct Substances 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 238000005303 weighing Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The embodiment of the present application provides a kind of software authorization method and system, has been implanted into filter module and authorized client in software, and when software starting, filter module intercepts the starting request of software;Then, filter module sends authority checking request message to the authorized client of software according to starting request;Then, authorized client carries out authority checking to software according to the license file obtained in advance from authorization service end in the case where receiving authority checking request message;Finally, filter module starts according to the authority checking result treatment of authorized client requests, since filter module and authorized client are implanted in the software project that user uses in the form of the function packet of software, therefore, it does not need during carrying out authority checking to software using network, to solve the problems, such as that software authorization method in the prior art can not provide soft ware authorization to the user equipment in intranet environment.
Description
Technical field
This application involves software administrative skill field more particularly to a kind of software authorization method and systems.
Background technique
For user when buying software to software company, license (licensing) server of software company is according to user's
Demand generates the licensing (license) for being authorized to software product, and is distributed to user.When user's runs software
When, the user equipment of runs software can be established with license server to be connected to the network, so that license server authentication user
Whether the licensing possessed is effective.
In the software authorization method of the prior art, the licensing that possesses to can guarantee license server to user into
Row verifying, the user equipment of runs software must be able to establish with license server and be connected to the network, and therefore, user equipment is necessary
It runs in the public network.But some users may require that the user equipment and public affairs of runs software for reasons such as data confidentialities
Network Isolation altogether, i.e., in intranet environment, therefore, these user equipmenies just can not carry out licensing with license server
Verifying.
As it can be seen that how for the user equipment in intranet environment to provide the authorization of software, become those skilled in the art
Technical problem urgently to be resolved.
Summary of the invention
The embodiment of the present application provides a kind of software authorization method and system, to realize to the user equipment in intranet environment
Soft ware authorization is provided.
In a first aspect, the embodiment of the present application provides a kind of software authorization method, comprising:
Filter module intercepts the starting request of software;
The filter module requests to send authority checking request message to authorized client according to the starting;
The authorized client is in the case where receiving the authority checking request message, according to pre- from authorization service end
The license file first obtained carries out authority checking to the software;
The filter module starts request according to the authority checking result treatment of the authorized client;
Wherein, the filter module and the authorized client are implanted in the software.
Second aspect, the embodiment of the present application provide a kind of software authorization system, comprising:
Authorization service end, filter module and authorized client;
The authorization service end, for generating license file;
The filter module, the starting for intercepting software are requested;And it is requested according to the starting to the authorization
Client sends authority checking request message;
The authorized client, in the case where receiving the authority checking request message, according to the license
It demonstrate,proves file and authority checking is carried out to the software;
The filter module is also used to start according to the authority checking result treatment of the authorized client and ask
It asks.
From the above technical scheme, technical solution provided by the embodiments of the present application, software have been implanted into filter module
And authorized client, when software starting, filter module intercepts the starting request of software;Then, filter module is according to opening
Dynamic request sends authority checking request message to the authorized client of software;Then, authorized client is receiving authority checking
In the case where request message, authority checking is carried out to software according to the license file obtained in advance from authorization service end;Finally,
Filter module starts according to the authority checking result treatment of authorized client requests, due to filter module and authorized client
It is implanted in the form of the function packet of software in the software project that user uses, therefore, in the mistake for carrying out authority checking to software
It is not needed in journey using network, therefore, the user equipment that can be implemented as in intranet environment provides the soft ware authorization service for checking credentials, from
And soft ware authorization can not be provided to the user equipment in intranet environment by solving software authorization method in the prior art
Problem.
Detailed description of the invention
In order to illustrate more clearly of the technical solution of the application, letter will be made to attached drawing needed in the embodiment below
Singly introduce, it should be apparent that, for those of ordinary skills, without any creative labor,
It is also possible to obtain other drawings based on these drawings.
Fig. 1 shows a kind of network environment schematic diagram of common software operation;
Fig. 2 is a kind of flow chart of software authorization method shown in the embodiment of the present application;
Fig. 3 is the flow chart of the method provided by the embodiments of the present application for generating license file;
Fig. 4 is the flow chart of the method and step S210 provided by the embodiments of the present application for generating license file;
Fig. 5 is the flow chart of the method and step S220 provided by the embodiments of the present application for generating license file;
Fig. 6 is a kind of flow chart of software authorization method step S130 provided by the embodiments of the present application;
Fig. 7 is that software provided by the embodiments of the present application expires the flow chart of based reminding method;
Fig. 8 is the flow chart that authorization service end provided by the embodiments of the present application carries out authorization statistics;
Fig. 9 is a kind of structural schematic diagram of software authorization system shown in the embodiment of the present application.
Specific embodiment
In order to make those skilled in the art better understand the technical solutions in the application, below in conjunction with the application reality
The attached drawing in example is applied, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described implementation
Example is merely a part but not all of the embodiments of the present application.Based on the embodiment in the application, this field is common
The application protection all should belong in technical staff's every other embodiment obtained without making creative work
Range.
Before the technical solution to the embodiment of the present application is illustrated, the embodiment of the present application is answered in conjunction with attached drawing first
It is illustrated with scene.
Fig. 1 shows a kind of network environment schematic diagram of common software operation.It will be seen from figure 1 that some softwares
User for the reason of the data confidentiality, be isolated with public network by the equipment that may require that runs software, i.e., in intranet environment, example
Such as, certain company carries out the exploitation of new product using a software, can preserve on the computer due to running the software a large amount of new
The technical data of product development, these technical data are typically required secrecy, therefore the said firm may require that and run the software
Computer is physically separated with public network, from preventing technical data from leaking by public network.
The software authorization method of the prior art needs computer to establish net with license server in public network is located at
Network connection so that whether the licensing that license server authentication user possesses is effective, and permitted or is forbidden according to verification result
User uses software.So, when the computer of runs software is in intranet environment, the software authorization method of the prior art is just
It can not implement, thus, will lead to software can not normal use due to that cannot authorize.
In order to solve software authorization method in the prior art software can not be provided for the user equipment in intranet environment
The problem of authorization, the embodiment of the present application provide a kind of software authorization method and system.
Here is the present processes embodiment.
It referring to fig. 2, is a kind of flow chart of software authorization method shown in the embodiment of the present application.This method can be applied to
In the plurality of devices such as server, PC (PC), tablet computer, mobile phone, virtual reality device and intelligent wearable device.
As shown in Fig. 2, method includes the following steps:
Step S110, filter module intercept the starting request of software.
Specifically, user can be by clicking the shortcut icon of software, the launching process icon for clicking software, ordering
The instruction of input starting software in row window, the file for clicking software context format, voice wake-up, gesture wake-up or face is enabled to know
Not Huan Xing etc. modes start software.Software can generate starting request on startup, which requests for starting logging in for software
Process is to show login page or other preset processes.
In the application, filter module can be implanted to the software project that user uses by way of software function packet
In, filter module intercepts starting request, so that software will not show login page when Software Create starts request.
Step S120, the filter module request to disappear to authorized client transmission authority checking request according to the starting
Breath.
Wherein, authorized client can be implanted in the software project that user uses by way of software function packet, example
Such as, if authorized client is write using JAVA language, authorized client is exactly the jar being implanted in software project
Packet.Filter module sends authority checking request message to authorized client in the case where the starting for having intercepted software is requested,
The authority checking request message is used to indicate authorized client and carries out authority checking to software, and specifically include: whether software is referring to
Whether operation in fixed equipment, dbase correct, whether software operation module is whether authorized module, software are located
Within authorization validity period, etc..
Step S130, the authorized client is in the case where receiving the authority checking request message, according to from awarding
The license file that power server-side obtains in advance carries out authority checking to the software.
In the application, license file is that the user information provided according to user encrypts.Wherein, user information packet
The device identification of equipment, dbase and user request the software module of authorization, period of validity of software, software where including software
The one or more of function.Further, device identification may include the SN (Serial of the MAC Address of equipment, equipment
Number) code etc. can determine the identification information of the unique identities of equipment, not do in the embodiment of the present application to device identification specific
It limits.
When authorized client carries out License Authentication to software, need to verify in the software and license file that user runs
Whether user information matches.
Such as:
The user information recorded in license file has:
The MAC Address (identification information) of equipment: 12-23-AS-WE-RT
If the MAC Address of the equipment of current runs software are as follows: 23-45-DF-ER-QW just illustrates that Current software does not have
It operates in user to request in the equipment of authorization, therefore, the authority checking of the software will not be passed through, and user can not be in current device
It is upper to use the software.Therefore, by verifying the identification information of equipment, can guarantee to make to be permitted by license file and apparatus bound
Can demonstrate,prove can not use in the other equipment in addition to bound device, and license file is prevented to be abused.
Another example is:
The software module that the available authorization of user is had recorded in license file includes data statistics module, comparing
Module, data categorization module.So, if user starting be software analysis module, since analysis module is not in licensing
Within the scope of authority, the authority checking of analysis module will not be passed through file, and user is not available the analysis module of software.To
The independent authorization to each software module in software is realized, therefore, when user buys software, can also only buy software
Part of module, to reduce the expenditure cost of user.
It should be added that authorized client, which is implanted to user in the form of the function packet of software, to be made in the application
In software project, therefore, do not need therefore, to can be realized using network during carrying out authority checking to software
The soft ware authorization service for checking credentials is provided for the user equipment in intranet environment.
Step S140, the filter module starts according to the authority checking result treatment of the authorized client asks
It asks.
Specifically, if authorized client passes through the authority checking of software, filter module will let pass software
Starting request, the process that logs in of software is allowed to start;If authorized client does not pass through the authority checking of software, filtering
Device module will refuse the starting request of software, and software can jump to the wrong page, or jump to prompt user's purchase software and award
The page of power.
Therefore, the embodiment of the present application provides a kind of software authorization method, has been implanted into filter module in software and has awarded
Client is weighed, when software starting, filter module intercepts the starting request of software;Then, filter module is asked according to starting
It asks to the authorized client of software and sends authority checking request message;Then, authorized client is receiving authority checking request
In the case where message, authority checking is carried out to software according to the license file obtained in advance from authorization service end;Finally, filtering
Device module starts according to the authority checking result treatment of authorized client requests, since filter module and authorized client are with soft
The form of the function packet of part is implanted in the software project that user uses, therefore, during carrying out authority checking to software
It does not need using network, therefore, the user equipment that can be implemented as in intranet environment provides the soft ware authorization service for checking credentials, thus,
Asking for soft ware authorization can not be provided to the user equipment in intranet environment by solving software authorization method in the prior art
Topic.
With further reference to Fig. 3, for the flow chart of the method provided by the embodiments of the present application for generating license file.Such as Fig. 3
It is shown, generate the method for license file the following steps are included:
Step S210, authorized client send the license request message for carrying user information to authorization service end.
Wherein, user information includes at least one item of information, and the item of information includes at least: the equipment of equipment where software
Mark, dbase, user request the software module, period of validity of software, software function and the software version that authorize.
Illustratively, user intentionally gets 1 year right to use that a software is run in 3 equipment, then user information can
With the device identification comprising this 3 equipment, dbase and period of validity of software.Specifically, authorized client can mention for user
For one for guiding the interactive interface of user's typing user information, it is soft that user can select request to authorize in interactive interface
Part title, period of validity of software.In addition, the master of all devices in local area network can also be set out in interactive interface by way of list
Machine title, user can select wherein equipment of 3 equipment as runs software by way of choosing Hostname, when user selects
After selecting equipment, authorized client can pass through the device identification of program instruction capture apparatus.After user's typing user information, award
It weighs client and list is generated to user information, and send the license request message for carrying the list to authorization service end.
Further, some software packages contain multiple software modules or multiple software functions, when user is intended merely to using portion
When sub-module and function, the dbase that request can be selected to authorize in the interactive interface of authorized client, authorized client
All modules of software and function can be set out to come in the form of a list, user chooses according to the actual demand of itself to be wanted to make
Module and function.At this point, including not only device identification, dbase and period of validity of software in user information, also wrap
Include the software module and software function that user chooses.
It referring to fig. 4, is the flow chart of the method and step S210 provided by the embodiments of the present application for generating license file.Such as figure
Shown in 4, in a kind of selectable embodiment, step S210 be may comprise steps of:
Step S211, the authorized client obtain the first key of the authorization service end distribution.
Wherein, first key solidifies be stored in authorization service end and authorized client in advance.First key is symmetrical close
The key that key, i.e. encryption and decryption use is identical, specifically, the AES (Advanced of block encryption technology can be used
Encryption Standard, Advanced Encryption Standard) algorithm key, such as: key length is 256: AES-256-
CFB (Cipher Feedback: Cipher feedback), AES-256-GCM (Galois/counter mode, Galois/Counter
The keys such as Mode), to improve the safety of encryption.
Step S212, the authorized client encrypt the user information using the first key, generate and add
Close demand file.
Firstly, authorized client generates list according to the user information of user's typing.Illustratively, the list may include with
Lower content:
< form device_id=" 12-23-AS-WE-RT " product_id=" dinfo_v2.0 " time_limit
=" 90_days " product_module=" statistics_module, analytics_module " product_
Function=" import, export, backup, parallel processing " >
</form>
The list comprises the following information that
Then, authorized client encrypts list using first key, obtains the encrypted word for carrying user information
Symbol string, and encrypted characters string is stored in the document of preset format, generate CIPHERING REQUEST file.
Step S213, the authorized client send to the authorization service end and carry described in the CIPHERING REQUEST file
License request message.
For example, authorized client can establish network connection with authorization service end, when authorized client is needed to authorization
When server-side sends license request message, starts the network connection of authorized client and authorization service end, then authorize client
IP address or domain name that end is specified according to authorization service end send the license request message for carrying the CIPHERING REQUEST file.
Step S220, authorization service end generate the license file according to license request message.
After authorization service end receives the license request message from authorized client, preservation license request first disappears
Then the user information carried in breath encrypts user information, and be stored in the file of specific format as licensing
File.
Referring to Fig. 5, for the flow chart of the method and step S220 provided by the embodiments of the present application for generating license file.Such as figure
Shown in 5, in a kind of selectable embodiment, step S220 be may comprise steps of:
Step S221, the authorization service end receive the license request message.
Step S222, the encryption that the authorization service end uses first key to carry the license request message
Demand file is decrypted, to obtain the user information.
Specifically, the character string of encryption is read at authorization service end from CIPHERING REQUEST file first, then close using first
Key decrypts the list content comprising user information from the character string of encryption.
Step S223, the authorization service end records the user information, and uses the private key portion of default unsymmetrical key
Divide and the user information is encrypted, generates license file.
Wherein, unsymmetrical key is generated by authorization service end, includes private key and public key.Private key is taken care of by authorization service end,
For encrypting to user information, license file is generated;Public key is distributed to authorized client by authorization service end, for visitor
License file is decrypted in family end.Further, rsa encryption algorithm key can be used in the application, can specifically make
With the RSA key of longer digit, for example, using 1024 binary digits or the RSA key of 2048 binary digits, to improve
Encrypt reliability.In addition, the application can be when generating license file, using different unsymmetrical key, thus anti-every time
Only license file is stolen.
Step S230, authorization service end disappear to the licensing response that the authorized client sends carrying license file
Breath.
For example, authorized client can establish network connection with authorization service end, when authorization service end is needed to authorization
When client sends licensing response message, start the network connection of authorized client and authorization service end, then authorization service
The IP address or domain name of holding end to be specified according to authorized client send the licensing response message for carrying license file.In addition,
Authorized client can disconnect and authorization service end in receiving end licensing response message and after saving license file
Network connection, thus, authorized client carries out authority checking to software according to license file, carries out in intranet environment.
Therefore, method provided by the embodiments of the present application, authorized client only when requesting license file just need with
Network linking is established at authorization service end, and the process that authorized client carries out authority checking to software is all realized in intranet environment,
Thus, it is possible to which the equipment of runs software is isolated with public network realization, the data safety of user equipment is protected.Also, this Shen
Please embodiment method, user can select to need authorized software module or software function according to self-demand, thus
Realize the customization of soft ware authorization, user no longer needs to buy the authorization of entire software, thus reduce the expenditure of user at
This, improves user experience.
It is a kind of flow chart of software authorization method step S130 provided by the embodiments of the present application referring to Fig. 6.Such as Fig. 6 institute
Show, in a kind of selectable embodiment, step S130 be may comprise steps of:
Step S131, the authorized client solve license file using the public key portion of default unsymmetrical key
It is close, to obtain the user information.
For example, authorized client to license file be decrypted used in unsymmetrical key public key portion can within
It sets in software;Alternatively, after being encrypted by authorization service end using public key portion of the first key to unsymmetrical key, with perhaps
Response message can be demonstrate,proved and be sent to authorized client, thus, authorized client can be used first key and decrypt unsymmetrical key
Public key portion.
For example, the user information that authorized client is decrypted from license file includes:
Wherein, software version " V2.0~V2.X " user enjoys the authorization of the same generation version of " dinfo " software, and cannot obtain
The authorization of cross-version is obtained, such as user is not available the authorization that the license file obtains the V3.0 version of " dinfo " software.
Step S132, the authorized client verify whether the software matches with the user information.
For example, authorized client verifies whether the software matches with user information, may include:
Whether device identification identical, and whether dbase identical, software version whether user information limit in the range of,
Whether period of validity of software whether in the range of user information limits, believe in user by the product module or function of software request starting
In the range of breath restriction etc..
Step S1331, if it does, then the authorized client notifies the filter module clearance starting to ask
It asks.
For example, starting software logs in process, the graphic user interface of respective software module is loaded, loads Current software mould
Used plug-in unit, control under block check format association situation of software etc..
Step S1332, if it does not match, the authorized client notifies the filter module to refuse the starting and ask
It asks.
For example, software can jump to the wrong page, or jump to the page that prompt user buys soft ware authorization.
Illustratively, the wrong page of software may include: that you do not obtain soft ware authorization, please contact dealer or agent.
Illustratively, prompt user buys the page of soft ware authorization: you do not obtain soft ware authorization, please point if you need to obtain authorization
Hit following link:Purchase authorization。
Referring to Fig. 7, expire the flow chart of based reminding method for software provided by the embodiments of the present application.As shown in fig. 7, in one kind
In selectable embodiment, the software based reminding method that expires be may comprise steps of:
Step S310, the authorized client is in the case where starting request is cleared, according to the user information
The remaining validity period of software described in periodic detection.
For example, authorized client can use heartbeat detection mechanism timing (such as: daily or hourly) inspection software
Remaining validity period.
Specifically, if user 00 divides 00 second acquirement soft ware authorization at 1 day 00 November in 2018, and validity period is authorized
It is 30 days, then, which 00 can divide 00 second and fail at 1 day 00 December in 2018, and authorized client touches each time
When sending out heartbeat testing mechanism, the current time of system is read, and be compared with the out-of-service time of software, thus, obtain software
Remaining validity period.Illustratively, if the current time of system 00 is divided 00 second when being 28 days 00 November in 2018, software it is surplus
Remaining validity period be 0 hour 3 days 0 point 0 second.
Step S320, if the remaining validity period that the authorized client detects the software is lower than default presentation period
Limit, then notify the software to show the reminder message that expires.
For example, can show the reminder message that expires by pop-up when user starts software;Alternatively, the reminder message that will expire
It is shown in the designated position of the graphic user interface of software;Alternatively, in software operation, periodically by way of Pop-up message frame
Show the reminder message that expires.
Further, the frequency for the reminder message that expires can be set according to the remaining validity period of then software.For example, default prompt
Time limit is 3 days, settable every the primary reminder message that expires of display in 3 hours when remaining validity period is two days, when remaining effective
When phase is one, the primary reminder message that expires of display in settable each 1 hour.
Therefore, technical solution provided by the embodiments of the present application is lower than default presentation period by the validity period in software and prescribes a time limit,
The reminder message that expires is shown to user, reminds the user that make and the processing such as renews, and is improved the user experience.
Referring to Fig. 8, the flow chart of authorization statistics is carried out for authorization service end provided by the embodiments of the present application.As shown in figure 8,
In a kind of selectable embodiment, authorization service end, which carries out authorization statistics, be may comprise steps of:
Step S410, the authorization service end are the license in the case where receiving the license request message
It demonstrate,proves request message and generates work order.
Wherein, the work order records the authorization service end to the processing progress of the license request message.For example, awarding
" my application " " mine is pending " " I can be provided for the manager (exploitation side, seller, agent etc.) of software by weighing server-side
Product " subfields such as " mine has done ", wherein " my application " is used for according to user information to management end licensing text
Part, " mine is pending " for listing untreated license request message, " my product " can provide the soft of authorization for managing
Part product, " mine has done " is for listing processed license request message.
Step S420, the authorization service end is according to the authorization distribution situation of the work order statistical software.
Wherein, the authorization distribution situation includes the number of users of user list and every money soft ware authorization.
Step S430 is generated according to the authorization distribution situation and is shown chart.
By visually showing which user icon, the software that the manager of software can understand oneself have using,
And the user which software uses is more, and the user which software uses is less etc., to be software manager designated software
Marketing strategy or software development strategy provide reference.
Here is the Installation practice of the application, can be used for executing the present processes embodiment.For the application device
Undisclosed details in embodiment, please refers to the application embodiment of the method.
It is a kind of structural schematic diagram of software authorization system shown in the embodiment of the present application referring to Fig. 9, which can answer
For in the plurality of devices such as server, PC (PC), tablet computer, mobile phone, virtual reality device and intelligent wearable device.
Shown in Figure 9, which may include:
Authorization service end 510, filter module 520 and authorized client 530.
The authorization service end 510, for generating license file;
The filter module 520, the starting for intercepting software are requested;And it is requested according to the starting to described
Authorized client 530 sends authority checking request message;
The authorized client 530, for being permitted according to described in the case where receiving the authority checking request message
File can be demonstrate,proved, authority checking is carried out to the software;
The filter module 520 is also used to open according to the authority checking result treatment of the authorized client 530
Dynamic request.
Therefore, the embodiment of the present application provides a kind of software authorization system, has been implanted into filter module in software and has awarded
Client is weighed, when software starting, filter module intercepts the starting request of software;Then, filter module is asked according to starting
It asks to the authorized client of software and sends authority checking request message;Then, authorized client is receiving authority checking request
In the case where message, authority checking is carried out to software according to the license file obtained in advance from authorization service end;Finally, filtering
Device module starts according to the authority checking result treatment of authorized client requests, since filter module and authorized client are with soft
The form of the function packet of part is implanted in the software project that user uses, therefore, during carrying out authority checking to software
It does not need using network, therefore, the user equipment that can be implemented as in intranet environment provides the soft ware authorization service for checking credentials, thus,
Asking for soft ware authorization can not be provided to the user equipment in intranet environment by solving software authorization method in the prior art
Topic.
The application can be used in numerous general or special purpose computing system environments or configuration.Such as: personal computer, service
Device computer, handheld device or portable device, laptop device, multicomputer system, microprocessor-based system, top set
Box, programmable consumer-elcetronics devices, network PC, minicomputer, mainframe computer, including any of the above system or equipment
Distributed computing environment etc..
The application can describe in the general context of computer-executable instructions executed by a computer, such as program
Module.Generally, program module includes routines performing specific tasks or implementing specific abstract data types, programs, objects, group
Part, data structure etc..The application can also be practiced in a distributed computing environment, in these distributed computing environments, by
Task is executed by the connected remote processing devices of communication network.In a distributed computing environment, program module can be with
In the local and remote computer storage media including storage equipment.
It should be noted that, in this document, the relational terms of such as " first " and " second " or the like are used merely to one
A entity or operation with another entity or operate distinguish, without necessarily requiring or implying these entities or operation it
Between there are any actual relationship or orders.Moreover, the terms "include", "comprise" or its any other variant are intended to
Cover non-exclusive inclusion, so that the process, method, article or equipment for including a series of elements not only includes those
Element, but also including other elements that are not explicitly listed, or further include for this process, method, article or setting
Standby intrinsic element.
Those skilled in the art will readily occur to its of the application after considering specification and practicing application disclosed herein
Its embodiment.This application is intended to cover any variations, uses, or adaptations of the application, these modifications, purposes or
Person's adaptive change follows the general principle of the application and including the undocumented common knowledge in the art of the application
Or conventional techniques.The description and examples are only to be considered as illustrative, and the true scope and spirit of the application are by following
Claim is pointed out.
It should be understood that the application is not limited to the precise structure that has been described above and shown in the drawings, and
And various modifications and changes may be made without departing from the scope thereof.Scope of the present application is only limited by the accompanying claims.
Claims (10)
1. a kind of software authorization method, which is characterized in that the described method includes:
Filter module intercepts the starting request of software;
The filter module requests to send authority checking request message to authorized client according to the starting;
The authorized client is obtained in the case where receiving the authority checking request message according to from authorization service end in advance
The license file taken carries out authority checking to the software;
The filter module starts request according to the authority checking result treatment of the authorized client;
Wherein, the filter module and the authorized client are implanted in the software.
2. the method according to claim 1, wherein further include:
The authorized client sends the license request message for carrying user information to the authorization service end;
The authorization service end generates the license file according to the license request message;
The authorization service end sends the licensing response message for carrying the license file to the authorized client.
3. described according to the method described in claim 2, it is characterized in that, the user information includes at least one item of information
Item of information includes at least: the device identification of equipment, dbase, user request the software module of authorization, software to have where software
Effect phase, software function and software version.
4. according to the described in any item methods of claim 2-3, which is characterized in that the authorized client is to the authorization service
End sends the license request message for carrying user information, comprising:
The authorized client obtains the first key of the authorization service end distribution;
The authorized client encrypts the user information using the first key, generates CIPHERING REQUEST file;
The authorized client disappears to the license request that the authorization service end sends the carrying CIPHERING REQUEST file
Breath.
5. according to the method described in claim 4, it is characterized in that, the authorization service end is according to the license request message
Generate the license file, comprising:
The authorization service end receives the license request message;
The authorization service end carries out the CIPHERING REQUEST file that the license request message carries using first key
Decryption, to obtain the user information;
The authorization service end records the user information, and is believed using the private component of default unsymmetrical key the user
Breath is encrypted, and license file is generated.
6. according to the method described in claim 5, it is characterized in that, the authorized client obtains in advance according to from authorization service end
The license file taken carries out authority checking to the software, comprising:
The authorized client is decrypted license file using the public key portion of default unsymmetrical key, described in obtaining
User information;
The authorized client verifies whether the software matches with the user information;
If it does, then the authorized client notifies the filter module clearance starting request;
If it does not match, the authorized client notifies the filter module to refuse the starting request.
7. according to the method described in claim 6, it is characterized in that, the authorized client verifies the software and the user
Whether information matches, comprising:
The authorized client verifies the range whether software module that the software is currently up limits in the user information
It is interior.
8. according to the method described in claim 2, it is characterized in that, the method also includes:
The authorized client is soft according to the user information periodic detection in the case where starting request is cleared
The remaining validity period of part;
It is preset the prompt time limit if the remaining validity period that the authorized client detects the software is lower than, described in notice
Software shows the reminder message that expires.
9. according to the method described in claim 2, it is characterized in that, the method also includes:
The authorization service end is generated in the case where receiving the license request message for the license request message
Work order;
The authorization service end is according to the authorization distribution situation of the work order statistical software;
It is generated according to the authorization distribution situation and shows chart;
Wherein, the work order records the authorization service end to the processing progress of the license request message;The authorization point
Cloth situation includes the number of users of user list and every money soft ware authorization.
10. a kind of software authorization system, which is characterized in that described device includes: authorization service end, filter module and authorization visitor
Family end;
The authorization service end, for generating license file;
The filter module, the starting for intercepting software are requested;And it is requested according to the starting to the authorization client
End sends authority checking request message;
The authorized client, in the case where receiving the authority checking request message, according to the licensing text
Part carries out authority checking to the software;
The filter module is also used to start request according to the authority checking result treatment of the authorized client.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810997141.3A CN109241705A (en) | 2018-08-29 | 2018-08-29 | A kind of software authorization method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810997141.3A CN109241705A (en) | 2018-08-29 | 2018-08-29 | A kind of software authorization method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109241705A true CN109241705A (en) | 2019-01-18 |
Family
ID=65069463
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810997141.3A Pending CN109241705A (en) | 2018-08-29 | 2018-08-29 | A kind of software authorization method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109241705A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109726528A (en) * | 2019-03-18 | 2019-05-07 | 百度在线网络技术(北京)有限公司 | Vehicle device Service Activation, vehicle device service request method, device, equipment and medium |
| CN112528235A (en) * | 2020-12-04 | 2021-03-19 | 上海波客实业有限公司 | Method for authorizing industrial software |
| CN112596740A (en) * | 2020-12-28 | 2021-04-02 | 北京千方科技股份有限公司 | Program deployment method and device |
| CN112765566A (en) * | 2021-01-06 | 2021-05-07 | 航天信息股份有限公司 | Method and device for safely generating authorization file |
| CN113268715A (en) * | 2020-02-14 | 2021-08-17 | 中移(苏州)软件技术有限公司 | Software encryption method, device, equipment and storage medium |
| CN113742660A (en) * | 2021-08-11 | 2021-12-03 | 阿里巴巴新加坡控股有限公司 | Application program permission management system and method |
| CN114020361A (en) * | 2021-11-09 | 2022-02-08 | 上海浦东发展银行股份有限公司 | Filter-based chained rule processing method and device and storage medium |
| CN115037547A (en) * | 2022-06-22 | 2022-09-09 | 北京天拓四方科技有限公司 | Software authorization method and system |
| CN115374405A (en) * | 2022-08-22 | 2022-11-22 | 广州鼎甲计算机科技有限公司 | Software authorization method, license authorization method, device, equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103186725A (en) * | 2011-12-31 | 2013-07-03 | 北大方正集团有限公司 | Software authorization method and device |
| CN103491098A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization method based on public key cryptosystem |
| CN104680041A (en) * | 2015-02-06 | 2015-06-03 | 浪潮集团有限公司 | Offline software authorization validity verification method |
| US9471756B2 (en) * | 2006-06-27 | 2016-10-18 | Intuit Inc. | Method and apparatus for authorizing a software product to be used on a computer system |
| CN106529216A (en) * | 2016-10-27 | 2017-03-22 | 西安交通大学 | Software authorization system based on public storage platforms and software authorization method |
-
2018
- 2018-08-29 CN CN201810997141.3A patent/CN109241705A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9471756B2 (en) * | 2006-06-27 | 2016-10-18 | Intuit Inc. | Method and apparatus for authorizing a software product to be used on a computer system |
| CN103186725A (en) * | 2011-12-31 | 2013-07-03 | 北大方正集团有限公司 | Software authorization method and device |
| CN103491098A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization method based on public key cryptosystem |
| CN104680041A (en) * | 2015-02-06 | 2015-06-03 | 浪潮集团有限公司 | Offline software authorization validity verification method |
| CN106529216A (en) * | 2016-10-27 | 2017-03-22 | 西安交通大学 | Software authorization system based on public storage platforms and software authorization method |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109726528A (en) * | 2019-03-18 | 2019-05-07 | 百度在线网络技术(北京)有限公司 | Vehicle device Service Activation, vehicle device service request method, device, equipment and medium |
| CN109726528B (en) * | 2019-03-18 | 2021-05-04 | 百度在线网络技术(北京)有限公司 | Method, device, equipment and medium for activating and requesting vehicle-machine service |
| CN113268715A (en) * | 2020-02-14 | 2021-08-17 | 中移(苏州)软件技术有限公司 | Software encryption method, device, equipment and storage medium |
| CN112528235A (en) * | 2020-12-04 | 2021-03-19 | 上海波客实业有限公司 | Method for authorizing industrial software |
| CN112596740A (en) * | 2020-12-28 | 2021-04-02 | 北京千方科技股份有限公司 | Program deployment method and device |
| CN112765566A (en) * | 2021-01-06 | 2021-05-07 | 航天信息股份有限公司 | Method and device for safely generating authorization file |
| CN113742660A (en) * | 2021-08-11 | 2021-12-03 | 阿里巴巴新加坡控股有限公司 | Application program permission management system and method |
| CN113742660B (en) * | 2021-08-11 | 2023-07-25 | 阿里巴巴新加坡控股有限公司 | Application program license management system and method |
| CN114020361A (en) * | 2021-11-09 | 2022-02-08 | 上海浦东发展银行股份有限公司 | Filter-based chained rule processing method and device and storage medium |
| CN115037547A (en) * | 2022-06-22 | 2022-09-09 | 北京天拓四方科技有限公司 | Software authorization method and system |
| CN115037547B (en) * | 2022-06-22 | 2024-04-05 | 北京天拓四方科技有限公司 | Software authorization method and system |
| CN115374405A (en) * | 2022-08-22 | 2022-11-22 | 广州鼎甲计算机科技有限公司 | Software authorization method, license authorization method, device, equipment and storage medium |
| CN115374405B (en) * | 2022-08-22 | 2024-02-20 | 广州鼎甲计算机科技有限公司 | Software authorization method, license authorization method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109241705A (en) | A kind of software authorization method and system | |
| CN106605232B (en) | Utilization strategies keep data protection | |
| CN105103488B (en) | By the policy Enforcement of associated data | |
| US9070112B2 (en) | Method and system for securing documents on a remote shared storage resource | |
| US6173402B1 (en) | Technique for localizing keyphrase-based data encryption and decryption | |
| US8245037B1 (en) | Encryption key management | |
| CN105122265B (en) | Data safety service system | |
| US20130254536A1 (en) | Secure server side encryption for online file sharing and collaboration | |
| US20140181931A1 (en) | Multi-platform user device malicious website protection system | |
| CN105103119A (en) | Data security service | |
| CN105191207A (en) | Federated key management | |
| EP2251810B1 (en) | Authentication information generation system, authentication information generation method, and authentication information generation program utilizing a client device and said method | |
| CN105027130A (en) | Delayed data access | |
| CN102244674B (en) | System for digital rights management using a standard rendering engine | |
| CN103095457A (en) | Login and verification method for application program | |
| US8848922B1 (en) | Distributed encryption key management | |
| US20240031342A1 (en) | System, method, and computer-accessible medium for hiding messages sent to third parties | |
| CN107040520A (en) | A kind of cloud computing data-sharing systems and method | |
| KR20030029475A (en) | Outside leakage preventing system of confidential information | |
| CN114070646A (en) | Data encryption and decryption method, system, device, electronic equipment and medium | |
| US11849031B2 (en) | Method and system for digital health data encryption | |
| CN113193956B (en) | Account information processing method and device | |
| Al-Sarayreh et al. | A trade-off model of software requirements for balancing between security and usability issues | |
| EP1901196A2 (en) | Method of and system for security and privacy protection in medical forms | |
| JP2002152188A (en) | Information acquisition system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 230000 zone B, 19th floor, building A1, 3333 Xiyou Road, hi tech Zone, Hefei City, Anhui Province Applicant after: Dingfu Intelligent Technology Co., Ltd Address before: Room 630, 6th floor, Block A, Wanliu Xingui Building, 28 Wanquanzhuang Road, Haidian District, Beijing Applicant before: DINFO (BEIJING) SCIENCE DEVELOPMENT Co.,Ltd. |
|
| CB02 | Change of applicant information | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190118 |
|
| RJ01 | Rejection of invention patent application after publication |