CN109598104B - Software authorization protection system and method based on timestamp and secret authentication file - Google Patents
Software authorization protection system and method based on timestamp and secret authentication file Download PDFInfo
- Publication number
- CN109598104B CN109598104B CN201811430399.1A CN201811430399A CN109598104B CN 109598104 B CN109598104 B CN 109598104B CN 201811430399 A CN201811430399 A CN 201811430399A CN 109598104 B CN109598104 B CN 109598104B
- Authority
- CN
- China
- Prior art keywords
- authorization
- module
- authentication
- certificate
- software
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000013475 authorization Methods 0.000 claims abstract description 125
- 238000004891 communication Methods 0.000 claims abstract description 12
- GNFTZDOKVXKIBK-UHFFFAOYSA-N 3-(2-methoxyethoxy)benzohydrazide Chemical compound COCCOC1=CC=CC(C(=O)NN)=C1 GNFTZDOKVXKIBK-UHFFFAOYSA-N 0.000 claims description 2
- FGUUSXIOTUKUDN-IBGZPJMESA-N C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 Chemical compound C1(=CC=CC=C1)N1C2=C(NC([C@H](C1)NC=1OC(=NN=1)C1=CC=CC=C1)=O)C=CC=C2 FGUUSXIOTUKUDN-IBGZPJMESA-N 0.000 claims description 2
- YTAHJIFKAKIKAV-XNMGPUDCSA-N [(1R)-3-morpholin-4-yl-1-phenylpropyl] N-[(3S)-2-oxo-5-phenyl-1,3-dihydro-1,4-benzodiazepin-3-yl]carbamate Chemical compound O=C1[C@H](N=C(C2=C(N1)C=CC=C2)C1=CC=CC=C1)NC(O[C@H](CCN1CCOCC1)C1=CC=CC=C1)=O YTAHJIFKAKIKAV-XNMGPUDCSA-N 0.000 claims description 2
- 239000004816 latex Substances 0.000 claims description 2
- 229920000126 latex Polymers 0.000 claims description 2
- 238000012795 verification Methods 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 3
- 230000006870 function Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000008092 positive effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a software authorization protection system and a method thereof based on a timestamp and a secret authentication file, relating to computer and mobile phone operating systems. The system is as follows: the certificate making module (1), the authorization module (3), the authentication module (2), the login module (4) and the main control module (5) are sequentially interacted; the main control module (5) is respectively interacted with the acquisition module (6), the analysis module (7), the positioning module (8) and the display module (9); the acquisition module (6), the analysis module (7), the positioning module (8) and the display module (9) are respectively interacted with the communication module (10), and the communication module (10) is interacted with the storage module (11). The method comprises the following steps: generating an authorization certificate (201); ② authorization-202; ③ authentication (203). The invention can solve the problem that the application software is illegally used under the condition of unauthorized use.
Description
Technical Field
The invention relates to computer and mobile phone operating systems, in particular to a software authorization protection system and a software authorization protection method based on a timestamp and a secret authentication file.
Background
The existing software general protection methods, such as office software of Jinshanggiba and Microsoft, all adopt a protection mode that a set of software issues an authorization code or certificate. This protection method can only deal with the situation that the user does not get the authorization code. Obviously, the protection method for binding one authorization code by one set of software has the following problems:
firstly, a user can easily obtain an authorization code or a certificate through the Internet;
the authorization code or the certificate provided by the matched software is used for authentication, and the authorization code or the certificate is visible, so that the authorization code or the certificate is easy to decrypt and break;
when the software authorization expires, the software can still be used after the system time of the machine is modified;
and fourthly, the authorization code is not bound with the machine code of the machine, and the software can be copied and used in large quantity.
Disclosure of Invention
The invention aims to prevent the problem of unauthorized use of application software and provides a software authorization protection system and a method thereof based on a timestamp and a secret authentication file.
The invention has the advantages that the authorization certificate only binds the equipment code, the authorization certificate is separated from the authentication file, the authentication file is hidden, and the like, can effectively protect the copyright of software under the conditions of no authorization of a software developer and overdue authorized use time, and has important application value.
The technical scheme for realizing the purpose of the invention is as follows:
a, system
The system comprises a certificate making module, an authentication module, an authorization module, a login module, a main control module, an acquisition module, an analysis module, a positioning module, a display module, a communication module and a storage module;
the certificate making module, the authorization module, the authentication module, the login module and the main control module are sequentially interacted;
the main control module is respectively interacted with the acquisition module, the analysis module, the positioning module and the display module;
the acquisition module, the analysis module, the positioning module and the display module are respectively interacted with the communication module, and the communication module is interacted with the storage module.
Second, method
The method comprises the following steps:
step one, generating an authorization certificate
The system generates an authorization certificate through a certificate making module 1;
step two of authorization
The system can work only after being authorized;
the authorization method comprises the following steps: after reading the authorization certificate, the authorization module generates a secret authentication file;
when the system is in operation, the authentication file is accessed;
after the authorization certificate is authorized to expire, the authorization can not be performed again.
Step III authentication
At the starting entrance of SoftWare SoftWare of the system, checking whether the equipment meets the operation conditions provided by the hidden secret authentication file, and if not, refusing to operate;
if the operation condition is met, normally operating SoftWare;
before the SoftWare exits, the current time is obtained, after encryption, the latetlyRumTime parameter value in the hidden secret authentication file is updated to the current time, and then the SoftWare exits.
The invention has the following advantages and positive effects:
firstly, the License file of the system and the SoftWare binding device code of the application SoftWare are copied to unauthorized devices and cannot run;
when the authorization is carried out, the authorization software of the system compares the secret hidden authentication file with the License of the authorization file, and when the hidden authentication file is overdue, the authorization software can modify the License to be invalid, so that the License after overdue cannot be authorized again;
thirdly, when the application SoftWare exits after running normally, the LatelyRunTime timestamp of the hidden authentication file can be modified;
because the hidden authentication file is invisible, the user can not find the hidden authentication file, and therefore the hidden authentication file can not be cracked and modified; so even if the illegal user modifies the system time, the software still can not be used;
fifthly, hardware equipment and cost do not need to be added by application software, and simplicity and high efficiency are realized;
in conclusion, the invention can solve the problem that the application software is illegally used without authorization.
Drawings
FIG. 1 is a block diagram of the architecture of the present system;
in the figure:
1-making a certificate module;
2-an authentication module;
3-an authorization module;
4, a login module:
5, a main control module;
6, an acquisition module;
7-an analysis module;
8, a positioning module;
9-a display module;
10-a communication module;
11-memory module.
FIG. 2 is a work flow diagram of the method:
FIG. 3 is a flowchart of the method steps of generating a certificate;
FIG. 4 is a flowchart of the operation of authorization of method step two;
fig. 5 is a flow chart of the authentication procedure of the method.
Detailed Description
The following provides a detailed description of embodiments of the invention, taken in conjunction with the accompanying drawings.
A, system
1. General of
As shown in fig. 1, the system includes a certificate making module 1, an authentication module 2, an authorization module 3, a login module 4, a main control module 5, an acquisition module 6, an analysis module 7, a positioning module 8, a display module 9, a communication module 10 and a storage module 11;
the certificate making module 1, the authorization module 3, the authentication module 2, the login module 4 and the main control module 5 are sequentially interacted;
the main control module 5 is respectively interacted with the acquisition module 6, the analysis module 7, the positioning module 8 and the display module 9; the acquisition module 6, the analysis module 7, the positioning module 8 and the display module 9 are respectively interacted with the communication module 10, and the communication module 10 is interacted with the storage module 11.
When trying to use the application software, the user equipment calls the authentication module 2 to perform authentication; the authentication module 2 returns authentication failure when finding that the device does not obtain authorization; when the user equipment finds that the authorization is not available, the authorization should be applied to an authorized party in order to use the application softWare softWare; after obtaining the authorization application, the authorization party requires the user equipment to provide an equipment code, determines a starting use date and an authorization deadline for the user equipment according to specific conditions, and makes an authorization certificate; the authorization party provides an authorization certificate and authorization software for the user equipment at the same time; when the user equipment runs the application software, firstly running the authorization software to read the authorization certificate to authorize the user equipment; the authorized user equipment can start the application software, and the application software normally runs after passing the authentication; if the authorization is overdue, authentication failure occurs; at which point the user equipment should again apply for authorization.
2. Main function module
1) Certificate making module 1
The work flow of making the certificate module 1 is shown in fig. 3;
making a certificate requires obtaining 6 parameters using a-f as follows:
a: device code machine ID
The equipment code machine ID, the serial number of a hard disk in the equipment, the serial number of a CPU, the MAC address of a network card and the like can distinguish unique identifiers of other equipment, or the IMEI of a mobile phone and the like can distinguish unique identifiers of other equipment;
b: an authorization start time, StartTime;
c: an authorization deadline EndTime;
d: last software running time LatelyRunTime;
e: the check code verfiyCode;
f: and an overdue flag.
flag: 0 is valid and 1 is not.
Firstly, a certificate making module generates a plaintext code of an authorization certificate by using the 6 parameters of a-f;
and secondly, the certificate making module selects an encryption algorithm encryption (corresponding to a decryption algorithm decryption), encrypts a plaintext code of the authorization certificate and generates an authorization certificate License.
2) Authentication module 2
The operating principle of the authorization module 2 is as follows:
A. reading the authorization certificate and checking the validity of the certificate;
B. creating a secret hidden path;
C. creating an authentication file encrypt hidden in the path;
the authentication file is hidden and its storage path and name (including file name and suffix name) are not visible to the user.
The workflow diagram of the authorization module is shown in fig. 4.
3) Authorisation module 3
The operation flow of the authentication module 3 is shown in fig. 5.
The other functional modules are common modules.
Second, method
Referring to fig. 2, the method comprises the following steps:
step one, generating an authorization certificate-201
The system generates an authorization certificate through a certificate making module 1;
The system can work only after being authorized;
the authorization method comprises the following steps: after reading the authorization certificate, the authorization module 3 generates a secret authentication file;
when the system is in operation, the authentication file is accessed;
after the authorization certificate is authorized to expire, the authorization can not be performed again.
Step three authentication-203
At the starting entrance of SoftWare SoftWare of the system, checking whether the equipment meets the operation conditions provided by the hidden secret authentication file, and if not, refusing to operate;
if the operation condition is met, normally operating SoftWare;
before the SoftWare exits, the current time is obtained, after encryption, the latetlyRumTime parameter value in the hidden secret authentication file is updated to the current time, and then the SoftWare exits.
1. Working process for generating authorization certificate
As in fig. 3, comprising the following sub-steps:
I. input basic parameter-301
Inputting basic parameters, namely a device code machine ID provided by a user, an authorization start timestamp StartTime and an authorization expiration timestamp EndTime;
II. Generating check code-302
Generating a check code verfiyCode, and selecting certain bytes in the three parameters to form the check code verfiyCode according to the input three basic parameters; meanwhile, the latex RunTime is initialized to be the StartTime value, and the overdue flag is 0, so that the method is effective; forming a certificate plaintext code according to the machineID, StartTime, EndTime, LatelyRunTime, verfiyCode and flag;
III, generating a certificate plaintext code-303
Selecting an encryption algorithm, encrypting a certificate plaintext code, generating a ciphertext encode, generating an authorization certificate License, and writing the ciphertext encode into the authorization certificate;
IV, encryption Generation authorization certificate-304
An authorization certificate file is generated.
2. Step two authorized work flow
As in fig. 4, comprising the following sub-steps:
preparing, copying the authorized software and the authorized certificate to the device A, and operating the authorized software;
start-400;
a. get machine code-401
After the authorized software runs, acquiring the machineID of the device A as a contrast value of the step d;
b. read certificate ciphertext-402
The authorization software opens the authorization certificate and reads the ciphertext encode1 in the authorization certificate; calling a decryption algorithm decryption to obtain decrypted plaintext MachineID1, StartTime1, EndTime1, LatelyRunTime1, verfiyCode1 and flag 1;
c. flag1-403 is judged
Judging whether the flag1 is 0, if so, the condition is true, namely the flag is 0, the authorization certificate is valid, and entering the step d;
if the condition is false, i.e. flag is 1, the authorization certificate is invalid, the authorization certificate is overdue, so that the authorization fails-M4 and exits-413;
d. determine machine code-404
Judging whether the machineID is equal to the machineID1, namely whether the machineID of the device A is the same as the machineID1 of the certificate;
if the condition is true, that is, the device a is the authorized device of the certificate, step e is entered;
if the condition is false, device A is an illegal authorized device, so authorization fails-M4 and exits-413;
e. determining the existence of an authentication document-405
The authorization software checks whether a hidden authentication file encrypt exists in the device A;
if yes, entering step g;
if not, entering step f;
f. creation of authentication files-406
A hidden path is created in the device A, a hidden authentication file encrypt is generated under the hidden path, meanwhile, an authorization certificate ciphertext is written into the encrypt, namely, the authorization is successful-M3, and then the authorization software can opt out of-413;
g. read authentication file-407
Reading a hidden authentication file encrypt memory, decrypting to obtain a plaintext, and obtaining a MachineID2, StartTime2, EndTime2, LatelyRunTime2 and a verfiyCode 2;
h. get current timestamp-408
Acquiring a current timestamp now of the system;
i. judging system time authenticity-409
Judging whether LatelyRunTime2> now is true, namely judging whether the last running timestamp saved in the hidden authentication file is greater than the current timestamp;
if false, go to step j;
if true, now becomes smaller, indicating that the current system time is modified to a smaller time value, belonging to time spoofing, the purpose of which is to obtain authorization again, so that-M1 cannot be authorized for this case, so authorization fails-M4, and exits-413;
j. judge certificate validity-410
The determination conditions startTime1> startTime2 and endTime1> endTime2
And latelyRunTime1> -latelyRunTime 12; the first two conditions are that whether startTime, endTime and latelyRunTime of the License of the authorization certificate are more than or equal to startTime, endTime and latelyRunTime corresponding to the hidden authentication file encrypt is judged;
if true encrypt, enter step k;
if false, entering step l;
k. establish authentication file-411
If the authorization condition is met, rewriting the hidden authentication file according to the authorization certificate ciphertext, and authorizing successfully M3;
l, setting certificate invalid-412
If one condition is not met, the new authorization timestamp is smaller than the timestamp stored by the encrypt, the license of the license file cannot authorize the software, the flag of the license file needs to be set to be 1, and the license file is in an invalid state; authorization failed-M2 and exits-413;
m, Exit-413
The operation is quitted;
n, system time can not be modified-M1
And (4) prompting: the system time cannot be modified;
o, certificate overdue-M2
And (4) prompting: the certificate is expired;
p, authorization success-M3
And (4) prompting: the authorization is successful;
q, authorization failure-M4
And (4) prompting: the authorization fails.
3. Step III authentication work flow
When the application softWare softWare runs, calling an independent authentication module at a softWare entrance to authenticate the running authority of the application softWare softWare;
as in fig. 5, comprising the following sub-steps:
authentication portal-500
Preparing, copying the application softWare softWare to the device A, operating the application softWare softWare, and calling the authentication module;
A. get-501
Acquiring the machien ID0 of the device A as the contrast value of the step 303;
B. read authentication file-502
Reading a hidden authentication file encrypt memory, and decrypting to obtain a plaintext to obtain a machine ID, a StartTime, an EndTime, a LatelyRunTime, a verfiyCode and a flag value;
C. judgment device-503
Determines whether the device is an authorized device, determines whether the condition machine id0 is satisfied,
if true, entering step D;
if the authentication result is false, the device is an unauthorized device, and authentication failure-M2 is returned;
D. judge validity-504
Judging whether the authentication file is valid or not, and judging whether a condition flag is true or not, namely whether the authentication file is valid or not;
if true, go to step E;
if the authentication file is false, the authentication file is invalid, and authentication failure-M2 is returned;
E. verification check code-505
Judging whether the condition is to check that the verifyCode is correct or not;
if true, go to step F;
if false, returning authentication failure-M2;
F. get System time-506
Acquiring the current time now of the system;
G. judging time validity-507
Judging whether the condition is that now > latelyRuntime is true, namely judging whether the current time is greater than the time when the software stored in the hidden authentication file operates and exits last time;
if true, go to step H;
if the system time is false, the current time is less than the time when the software stored in the hidden authentication file is operated and quitted last time, which is impossible, and the situation can be happened only after the system time is false, so that authentication failure is returned to-M2;
H. judgment of overdue-508
Judging whether the condition now > endTime is true;
if true, go to step I;
if false, returning authentication success-M2;
I. modification of authentication File-509
Modifying the flag mark of the hidden authentication file to be 1, namely setting the authorization overdue; returning authentication failure-M2;
J. successful authentication-M1
And (4) prompting: the authentication is successful;
l, authentication failure-M2
And prompting that the authentication fails.
4. Operation of
After the authentication of the application softWare softWare is successful, entering an operation main interface, wherein the operation main interface is the same as normal softWare without an authentication module; when the SoftWare exits, the current time is acquired, the hidden authentication file latetlyRumTime is updated to the current time after being encrypted, and then the SoftWare exits.
Claims (1)
1. A software authorization protection method based on a time stamp and a secret authentication file,
the software authorization protection system comprises a certificate making module (1), an authentication module (2), an authorization module (3), a login module (4), a main control module (5), a collection module (6), an analysis module (7), a positioning module (8), a display module (9), a communication module (10) and a storage module (11);
the certificate making module (1), the authorization module (3), the authentication module (2), the login module (4) and the main control module (5) are sequentially interacted;
the main control module (5) is respectively interacted with the acquisition module (6), the analysis module (7), the positioning module (8) and the display module (9);
the acquisition module (6), the analysis module (7), the positioning module (8) and the display module (9) are respectively interacted with the communication module (10), and the communication module (10) is interacted with the storage module (11);
the software authorization protection method comprises the following steps:
step (1) generating authorization certificate
The system generates an authorization certificate through a certificate making module (1);
step two authorization (202)
The system can work only after being authorized;
the authorization method comprises the following steps: after reading the authorization certificate, the authorization module (3) generates a secret authentication file;
when the system is in operation, the authentication file is accessed;
after the authorization certificate expires, the authorization can not be performed again;
step three authentication (203)
At the starting entrance of SoftWare SoftWare of the system, checking whether the equipment meets the operation conditions provided by the hidden secret authentication file, and if not, refusing to operate;
if the operation condition is met, normally operating SoftWare;
before the SoftWare exits, the current time is obtained, after encryption, the latetlyRumTime parameter value in the hidden secret authentication file is updated to the current time, and then the SoftWare exits;
the method is characterized in that:
the steps include a work flow of generating an authorization certificate:
I. inputting basic parameters (301)
Inputting basic parameters, namely a device code machine ID provided by a user, an authorization start timestamp StartTime and an authorization expiration timestamp EndTime;
II. Generating check code (302)
Generating a check code verfiyCode, and selecting certain bytes in the three parameters to form the check code verfiyCode according to the input three basic parameters; meanwhile, the latex RunTime is initialized to be the StartTime value, and the overdue flag is 0, so that the method is effective; forming a certificate plaintext code according to the machineID, StartTime, EndTime, LatelyRunTime, verfiyCode and flag;
III generating certificate plaintext code (303)
Selecting an encryption algorithm, encrypting a certificate plaintext code, generating a ciphertext encode, generating an authorization certificate License, and writing the ciphertext encode into the authorization certificate;
IV, encrypting to generate authorization certificate (304)
Generating an authorization certificate file;
the step two is an authorized work flow:
preparing, copying the authorized software and the authorized certificate to the device A, and operating the authorized software;
-starting (400);
a. acquiring machine code (401)
After the authorized software runs, acquiring the machineID of the device A as a contrast value of the step d;
b. reading certificate ciphertext (402)
The authorization software opens the authorization certificate and reads the ciphertext encode1 in the authorization certificate; calling a decryption algorithm decryption to obtain decrypted plaintext MachineID1, StartTime1, EndTime1, LatelyRunTime1, verfiyCode1 and flag 1;
c. judgment flag1(403)
Judging whether the flag1 is 0, if so, the condition is true, namely the flag is 0, the authorization certificate is valid, and entering the step d;
if the condition is false, i.e. flag is 1, the authorization certificate is invalid, the authorization certificate is overdue, so that the authorization fails-M4 and exits-413;
d. judging machine code (404)
Judging whether the machineID is equal to the machineID1, namely whether the machineID of the device A is the same as the machineID1 of the authorized certificate;
if the condition is true, that is, the device a is the authorized device of the authorized certificate, step e is entered;
if the condition is false, device A is an illegal authorized device, so authorization fails-M4 and exits-413;
e. determining that an authentication file exists (405)
The authorization software checks whether a hidden authentication file encrypt exists in the device A;
if yes, entering step g;
if not, entering step f;
f. creating an authentication file (406)
A hidden path is created in the device A, a hidden authentication file encrypt is generated under the hidden path, meanwhile, an authorization certificate ciphertext is written into the encrypt, namely, the authorization is successful-M3, and then the authorization software can opt out of-413;
g. read 1 st authentication file (407)
Reading the hidden 1 st authentication file encrypt memory, decrypting to obtain a plaintext, and obtaining a MachineID2, StartTime2, EndTime2, LatelyRunTime2 and a verfiyCode 2;
h. get current timestamp (408)
Acquiring a current timestamp now of the system;
i. judging system time reality (409)
Judging whether LatelyRunTime2> now is true, namely judging whether the last running timestamp saved in the hidden authentication file is greater than the current timestamp;
if false, go to step j;
if true, that is, now becomes smaller, it means that the current system time is modified to a smaller time value, belonging to time spoofing, the purpose of which is to obtain authorization again, so that authorization cannot be authorized for this situation, so that authorization fails, and exit (413);
j. judge certificate validity-410
The determination conditions startTime1> startTime2 and endTime1> endTime2
And latelyRunTime1> -latelyRunTime 12; the first two conditions are that whether startTime, endTime and latelyRunTime of the License of the authorization certificate are more than or equal to startTime, endTime and latelyRunTime corresponding to the hidden authentication file encrypt is judged;
if true encrypt, enter step k;
if false, entering step l;
k. establishing an authentication file (411)
If the authorization condition is met, rewriting the hidden authentication file according to the authorization certificate ciphertext, and authorizing successfully (M3);
setting certificate invalid (412)
If one condition is not met, the new authorization timestamp is smaller than the timestamp stored by the encrypt, the license of the license file cannot authorize the SoftWare, the flag of the license file needs to be set to be 1, and the license file is in an invalid state; authorization failed-M2 and exits (413);
m, exit (413)
The operation is quitted;
n, system time cannot be modified
And (4) prompting: the system time cannot be modified;
o, certificate expiry
And (4) prompting: the certificate is expired;
p, success of authorization
And (4) prompting: the authorization is successful;
q, authorization failure
And (4) prompting: an authorization failure;
the authentication work flow:
when the application softWare softWare runs, calling an independent authentication module at a softWare entrance to authenticate the running authority of the application softWare softWare;
authentication access (500)
Preparing, copying the application softWare softWare to the device A, operating the application softWare softWare, and calling the authentication module;
A. obtaining (501)
Acquiring the machien ID0 of the device A as a comparison value of the certificate plaintext code (303) in the step III;
B. read 2 nd authentication file (502)
Reading a hidden 2 nd authentication file encrypt memory, and decrypting to obtain a plaintext to obtain a machine ID, a StartTime, an EndTime, a LatelyRunTime, a verfiyCode and a flag value;
C. judging device (503)
Determines whether the device is an authorized device, determines whether the condition machine id0 is satisfied,
if true, entering step D;
if the authentication is false, the equipment is unauthorized equipment, and authentication failure is returned;
D. judging validity (504)
Judging whether the authentication file is valid or not, and judging whether a condition flag is true or not, namely whether the authentication file is valid or not;
if true, go to step E;
if the authentication file is false, the authentication file is invalid, and authentication failure is returned;
E. verification check code (505)
Judging whether the condition is to check that the verifyCode is correct or not;
if true, go to step F;
if the authentication is false, returning authentication failure;
F. obtaining system time (506)
Acquiring the current time now of the system;
G. judging time validity (507)
Judging whether the condition is that now > latelyRuntime is true, namely judging whether the current time is greater than the time when the software stored in the hidden authentication file operates and exits last time;
if true, go to step H;
if the time is false, the current time is smaller than the time when the software stored in the hidden authentication file operates and exits last time, which is impossible, and the situation can occur only after the system time is false time, so that the authentication is returned to fail;
H. judgment of overdue (508)
Judging whether the condition now > endTime is true;
if true, go to step I;
if the authentication is false, returning the authentication success;
I. modifying the authentication file (509)
Modifying the flag mark of the hidden authentication file to be 1, namely setting the authorization overdue; returning authentication failure;
J. success of authentication
And (4) prompting: the authentication is successful;
l, authentication failure
And prompting that the authentication fails.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811430399.1A CN109598104B (en) | 2018-11-28 | 2018-11-28 | Software authorization protection system and method based on timestamp and secret authentication file |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811430399.1A CN109598104B (en) | 2018-11-28 | 2018-11-28 | Software authorization protection system and method based on timestamp and secret authentication file |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109598104A CN109598104A (en) | 2019-04-09 |
| CN109598104B true CN109598104B (en) | 2021-08-10 |
Family
ID=65960586
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811430399.1A Active CN109598104B (en) | 2018-11-28 | 2018-11-28 | Software authorization protection system and method based on timestamp and secret authentication file |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109598104B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111460393A (en) * | 2020-03-18 | 2020-07-28 | 紫光云技术有限公司 | Method for preventing system from bypassing software license time management and control |
| CN112035887B (en) * | 2020-09-01 | 2023-10-27 | 武汉虹旭信息技术有限责任公司 | Certificate authorization method and device, electronic equipment and storage medium |
| CN113254887A (en) * | 2021-06-04 | 2021-08-13 | 统信软件技术有限公司 | Authorization method of application program, computing device and storage medium |
| CN113343215A (en) * | 2021-07-20 | 2021-09-03 | 厦门锐骐物联技术股份有限公司 | Embedded software authorization and authentication method and electronic equipment |
| CN113343185B (en) * | 2021-08-02 | 2021-10-22 | 统信软件技术有限公司 | Authorization method of client application, computing device and storage medium |
| CN113806720B (en) * | 2021-09-24 | 2023-12-05 | 福建星网视易信息系统有限公司 | Software authentication method, system and storage medium supporting offline scene |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
| CN104537282A (en) * | 2014-12-04 | 2015-04-22 | 中国电子科技集团公司第二十二研究所 | Encryption flash disk and large data computation technology based authorization use method |
| CN105956423A (en) * | 2016-04-21 | 2016-09-21 | 网宿科技股份有限公司 | Method and device for authentication |
| CN106874714A (en) * | 2017-02-15 | 2017-06-20 | 湖南长城银河科技有限公司 | A kind of software authorization method |
-
2018
- 2018-11-28 CN CN201811430399.1A patent/CN109598104B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
| CN104537282A (en) * | 2014-12-04 | 2015-04-22 | 中国电子科技集团公司第二十二研究所 | Encryption flash disk and large data computation technology based authorization use method |
| CN105956423A (en) * | 2016-04-21 | 2016-09-21 | 网宿科技股份有限公司 | Method and device for authentication |
| CN106874714A (en) * | 2017-02-15 | 2017-06-20 | 湖南长城银河科技有限公司 | A kind of software authorization method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109598104A (en) | 2019-04-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109598104B (en) | Software authorization protection system and method based on timestamp and secret authentication file | |
| CN110677418B (en) | Trusted voiceprint authentication method and device, electronic equipment and storage medium | |
| CN1581118B (en) | Secure device, information processing terminal, integrated circuit, application apparatus and method | |
| CN1323538C (en) | A dynamic identity certification method and system | |
| CN110519309B (en) | Data transmission method, device, terminal, server and storage medium | |
| CN107743067B (en) | Method, system, terminal and storage medium for issuing digital certificate | |
| US20040255119A1 (en) | Memory device and passcode generator | |
| CN1439207A (en) | A platform and method for establishing provable identities while maintaining privacy | |
| CN106936588B (en) | Hosting method, device and system of hardware control lock | |
| EP1886204B1 (en) | Transaction method and verification method | |
| JP2010514000A (en) | Method for securely storing program state data in an electronic device | |
| JP4696449B2 (en) | Encryption apparatus and method | |
| CN111401901B (en) | Authentication method and device of biological payment device, computer device and storage medium | |
| CN111583482A (en) | Access control system based on two-dimensional code and control method thereof | |
| CN106656955A (en) | Communication method and system and user terminal | |
| US7721100B2 (en) | Granting an access to a computer-based object | |
| CN114372242A (en) | Ciphertext data processing method, authority management server and decryption server | |
| CN114785514A (en) | Method and system for authorizing application permission of industrial Internet of things terminal | |
| CN105933117A (en) | Data encryption and decryption device and method based on TPM (Trusted Platform Module) key security storage | |
| CN104901967A (en) | Registration method for trusted device | |
| CN110445774B (en) | Security protection method, device and equipment for IoT (Internet of things) equipment | |
| JP4409497B2 (en) | How to send confidential information | |
| CN111131211A (en) | Anti-tampering method for sharing washing machine safety | |
| KR20150072007A (en) | Method for accessing temper-proof device and apparatus enabling of the method | |
| CN113343203A (en) | Digital car key processing method, equipment and platform system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |