CN115510401A - Software authorization implementation method in cloud scene - Google Patents

Software authorization implementation method in cloud scene Download PDF

Info

Publication number
CN115510401A
CN115510401A CN202211223882.9A CN202211223882A CN115510401A CN 115510401 A CN115510401 A CN 115510401A CN 202211223882 A CN202211223882 A CN 202211223882A CN 115510401 A CN115510401 A CN 115510401A
Authority
CN
China
Prior art keywords
authorization
service
target software
authentication
authentication service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211223882.9A
Other languages
Chinese (zh)
Inventor
王雷
胡国华
王振东
王兰虎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shuanxin Beijing Technology Co ltd
Original Assignee
Shuanxin Beijing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shuanxin Beijing Technology Co ltd filed Critical Shuanxin Beijing Technology Co ltd
Priority to CN202211223882.9A priority Critical patent/CN115510401A/en
Publication of CN115510401A publication Critical patent/CN115510401A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • G06F21/1011Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/107License processing; Key processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a method and a device for realizing software authorization in a cloud scene, wherein the method comprises the following steps: installing an authentication service; obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded; the target software is notified that authorization is complete. The method authorizes the target software through the authentication service and the authorization service, and does not depend on the hardware characteristics of the target software.

Description

Software authorization implementation method in cloud scene
Technical Field
The application requests to protect a software copyright control technology, and particularly relates to a software authorization implementation method in a cloud scene. The application also relates to a software authorization implementation device in the cloud scene.
Background
Software authorization is a mode of operation of software that is typically used by developers to control the distribution of rights to software. After the software developer sells the software, the software runs locally, and the authorized license needs to be always stored in the authorization server. Therefore, software authorization requires that the client software has networking conditions, and can be networked at any time or at every fixed time according to specific requirements, so as to realize tracking and management of software authorization.
Currently, in a cloud computing scenario, software is run in a virtual machine. The virtual machine has the characteristics of uncertain hardware characteristics, random copying of the whole machine, deletion of the whole machine and the like. Therefore, the conventional software authorization method based on hardware binding is not suitable for the cloud computing environment.
Disclosure of Invention
In order to solve one or more problems in the background art, the present application provides a software authorization implementation method in a cloud scenario. The application also relates to a software authorization implementation device in the cloud scene.
The application provides a software authorization implementation method in a cloud scene, which comprises the following steps:
installing an authentication service;
obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
the target software is notified that authorization is complete.
Optionally, the installing the authentication service includes:
after hashing a CPU serial number and a mainboard serial number of a host by using MD5, packing the hashed numbers, a newly generated public key of an asymmetric key and a random number, encrypting by an authorization service public key to generate a file for registration, recording the public key and the MD5 hashed value of an authentication service by the authorization service, encrypting the random number by using a private key of the authorization service to generate the file, importing the file, decrypting by using the public key of the authorization service by the authentication service, and considering that the authentication service is successfully installed if the decrypted random number is the random number generated before.
Optionally, the method further includes: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
Optionally, the method further includes: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
Optionally, the verifying whether the function authorization range and the authorization time of the target software are legal by the authentication service includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
The present application further provides a device for implementing software authorization in a cloud scenario, including:
the installation module is used for installing the authentication service;
the authorization module is used for obtaining an authorization serial number from an authorization service and carrying out authorization authentication on target software based on the serial number, and comprises: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective from the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
and the notification module is used for notifying the completion of the authorization of the target software.
Optionally, the installing the authentication service includes:
the CPU serial number and the mainboard serial number of the host are hashed by using MD5, then the CPU serial number and the mainboard serial number are packaged with a newly generated public key of an asymmetric secret key and a random number, the public key of an authorization service is used for encrypting to generate a file for registration, the public key of an authentication service and the MD5 hash value are recorded by the authorization service, the random number is encrypted by using a private key of the authorization service to generate the file, the file is imported, the public key of the authorization service is used for decrypting by the authentication service, and the decrypted random number is the random number generated before and is considered that the authentication service is installed successfully.
Optionally, the method further includes: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
Optionally, the method further includes: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
Optionally, the verifying whether the function authorization range and the authorization time of the target software are legal by the authentication service includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
Compared with the prior art, the application has the advantages that:
the application provides a software authorization implementation method in a cloud scene, which comprises the following steps: installing an authentication service; obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded; the target software is notified that authorization is complete. The target software is authorized through the authentication service and the authorization service, and the hardware characteristics of the target software are not depended on.
Drawings
Fig. 1 is a flowchart of software authorization implementation in a cloud scenario in the present application.
Fig. 2 is a flowchart of authorization determination in the present application.
Fig. 3 is a schematic diagram of a software authorization implementation apparatus in a cloud scenario in the present application.
Detailed Description
The following is an example of a specific implementation process provided for explaining the technical solutions to be protected in the present application in detail, but the present application may also be implemented in other ways than those described herein, and a person skilled in the art may implement the present application by using different technical means under the guidance of the idea of the present application, so that the present application is not limited by the following specific embodiments.
The application provides a software authorization implementation method in a cloud scene, which comprises the following steps: installing an authentication service; obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded; the target software is notified that authorization is complete. The target software is authorized through the authentication service and the authorization service, and the hardware characteristics of the target software are not depended on.
Fig. 1 is a flowchart of software authorization implementation in a cloud scenario in the present application.
Referring to fig. 1, S101 installs an authentication service;
the authentication service is used for authenticating the target software, namely judging whether the target software obtains the use permission. In this application, the authentication service needs to be installed on a physical server, and the first installation mode of the authentication service is as follows:
step 1, hashing a CPU serial number and a mainboard serial number of a host by using MD5 to obtain a hashing result;
step 2, packing the hash result, a newly generated public key of the asymmetric key and a random number to generate a packed file;
step 3, encrypting the favorite packaged file through the authorization service public key to generate a registration file;
step 4, the staff registers in the authorization service place, and the authorization service records the public key and the MD5 hashed value of the authentication service;
and 5, encrypting the random number by using a private key of the authorization service to generate an installation file, importing the installation file by a worker, and considering that the authentication service is successfully installed after the authentication service uses a public key of the authorization service to decrypt the installation file into the previously generated random number.
Referring to fig. 1, S102 obtains an authorization serial number from an authorization service, and performs authorization authentication on target software based on the serial number, including: and the target software acquires authentication information from the authentication service, identifies whether the authorization is effective in the authorization service, and uploads the authentication service information to the authentication service and records the authorization information if the authorization is effective. The authorization service is connected with the data center through the Internet according to the authorization server.
And completing the installation of the authentication service, namely performing the authorization and authentication of the target software. In the present application, the authorization and authentication are divided into two ways according to whether the target software is network-enabled or not.
Firstly, the online authorization and authentication process comprises the following steps:
and under the condition that the software can be networked, after the authentication service installs a result, preferably acquiring an authorization serial number to authorize the target software. In the application, the authorization serial number is obtained through authorization service, and the specific mode is that a worker applies for the authorization serial number to the authorization service, and the authorization service sends the authorization serial number to the worker and finally delivers the authorization serial number to a user.
Further, the authorization serial number is input in an authorization operation interface of the target software, and authorization authentication is performed on the target software by using the authorization serial number.
Specifically, after obtaining the authorization serial number, the target software requests the authorization service to determine whether authorization is valid, with reference to fig. 2, the steps are as follows:
s201, obtaining a random number, packaging the random number and the authorization serial number, and encrypting and sending the random number and the authorization serial number to authorization service through a public key pre-stored in an authorization server of target software.
S202, the authorization service uses the private decryption of the authorization service, and if the authorization is valid, the authorization service issues the authorization content and the random number of the target software to the authentication service. Meanwhile, the authorization service uses the private decryption of the authorization service, if the authorization is valid, the authorization service encrypts the authorization content through the authorization service private key and then sends the encrypted authorization content to the target software, and the target software is stored locally in the form of the received ciphertext and is decrypted when being used.
S203, the target software pops up a prompt of successful authentication.
Further, the target software authenticates whether the authorization is legal or not to the authentication service at a fixed time. The target software packages the authorization content and the random number, encrypts and sends the authorization content and the random number to the authentication service through the authentication service public key stored in the target software.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service. And if the authorization is legal, the target software is informed that the authorization is legal. The authentication service in the process uses the private key of the authentication service to encrypt, and the target software uses the public key to decrypt and then confirms.
Secondly, an off-line authorization and authentication process:
the off-line authorization and authentication means that the data center does not perform networking communication with a server where the authorization service is located, and at this time, the generated authorization serial number of the authorization service can still be obtained by a worker and delivered to a user for authorization of the target software.
Furthermore, the target software acquires authentication service information from the authentication service, then the authentication service hashes the CPU serial number of the host and the mainboard serial number by using MD5 to generate a hash result, packs the hash result and a newly generated random number together, and then encrypts the hash result into authentication service information by using a private key of the authentication service to be sent to the target software.
The target software authenticates to the authorization service whether the authorization is valid. In the process, the target software generates a random number, the serial number and the authorization service information are packaged together, and an authorization application file is generated and delivered to a user by encrypting a public key of the authorization service pre-stored in the target software.
And the user uploads the authorization application file to the authorization service.
And after the authorization service uses the private decryption authorization application of the authorization service, the authentication service public key is used for decrypting the authentication service information. And comparing the serial numbers, and authenticating the service MD5. If both items are legal, the random number brought by the authentication service and the authorization information and the random number of the target software are firstly encrypted by using the private key of the authentication service, then the authorization information is added again by using the ciphertext and the random number of the target software is encrypted by using the private key of the authorization service, and an authorization file is generated and sent to the user.
The user uploads the authorization file to the target software.
And the target software decrypts the file by using the public key of the authorization service, compares whether the random number is the random number generated randomly or not, and if the random number is legal, sends the authentication service information to the authentication service and records the authorization information.
And the authentication service uses the private key thereof for decryption, and if the random number is the generated random number, records the authorization information and the random number randomly generated by the target software and informs the target software of finishing authorization.
The target software informs the user that authorization was successful.
The target software authenticates the authorization to the authentication service at a fixed time. The target software packages the authorization content and the generated random number, encrypts the authorization content and the generated random number through an authentication service public key stored in the target software, and sends the encrypted authorization content and the generated random number to the authentication service.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
And if the authorization is legal, the target software is informed that the authorization is legal. In the process, the authentication service uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
Referring to fig. 1, S103 notifies the target software of the completion of authorization.
And after the authorization or the authentication is finished, sending a message to the target software to inform the target software of finishing the authorization.
The present application further provides a device for implementing software authorization in a cloud scenario, including: an installation module 301, an authorization module 302, and a notification module 303.
Referring to fig. 3, an installation module 301 is used for installing an authentication service;
the authentication service is used for authenticating the target software, namely judging whether the target software obtains the use permission. In this application, the authentication service needs to be installed on a physical server, and the first installation mode of the authentication service is as follows:
step 1, hashing a CPU serial number and a mainboard serial number of a host by using MD5 to obtain a hashing result;
step 2, packing the hash result, a newly generated public key of the asymmetric key and a random number to generate a packed file;
step 3, encrypting the favorite packaged file through the authorization service public key to generate a registration file;
step 4, the staff registers in the authorization service place, and the authorization service records the public key and the MD5 hashed value of the authentication service;
and 5, encrypting the random number by using a private key of the authorization service to generate an installation file, importing the installation file by a worker, and considering that the authentication service is successfully installed after the authentication service uses a public key of the authorization service to decrypt the installation file into the previously generated random number.
Referring to fig. 3, the authorization module 302 is configured to obtain an authorization serial number from an authorization service, and perform authorization authentication on target software based on the serial number, including: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective from the authorization service, if so, the authentication service information is uploaded to the authentication service, and the authorization information is recorded at the same time
And after the installation of the authentication service is completed, the authorization and the authentication of the target software can be performed. In the present application, the authorization and authentication are divided into two ways according to whether the target software is network-enabled or not.
Firstly, the online authorization and authentication process:
under the condition that the software can be networked, after the authentication service installs a result, an authorization serial number is preferably required to be acquired so as to authorize the target software. In the application, the authorization serial number is obtained through authorization service, and the specific mode is that a worker applies for the authorization serial number to the authorization service, and the authorization service sends the authorization serial number to the worker and finally delivers the authorization serial number to a user.
Further, the authorization serial number is input in an authorization operation interface in the target software, and authorization identification is carried out on the target software by using the authorization serial number.
Specifically, after obtaining the authorization serial number, the target software requests the authorization service to determine whether authorization is valid, and the steps are as follows:
firstly, a random number is obtained, the random number and the authorization serial number are packaged, and then the random number and the authorization serial number are encrypted and sent to an authorization service through a public key which is pre-stored in an authorization server of target software.
Secondly, the authorization service uses the private decryption of the authorization service, and if the authorization is valid, the authorization service issues the authorization content and the random number of the target software to the authentication service. Meanwhile, the authorization service uses the private decryption of the authorization service, if the authorization is valid, the authorization service encrypts the authorization content through the authorization service private key and then sends the encrypted authorization content to the target software, and the target software is stored locally in the form of the received ciphertext and is decrypted when being used.
And finally, popping up a prompt of successful authentication by the target software.
Further, the target software identifies whether the authorization is legal or not to the authentication service according to fixed time. The target software packages the authorization content and the random number, encrypts and sends the authorization content and the random number to the authentication service through the authentication service public key stored in the target software.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service. And if the authorization is legal, the target software is informed that the authorization is legal. In the process, the authentication service uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
Secondly, an off-line authorization and authentication process:
the off-line authorization and authentication means that the data center does not perform networking communication with a server where the authorization service is located, and at this time, the generated authorization serial number of the authorization service can still be obtained by a worker and delivered to a user for authorization of the target software.
Furthermore, the target software acquires authentication service information from the authentication service, then the authentication service hashes the CPU serial number of the host and the mainboard serial number by using MD5 to generate a hash result, packs the hash result and a newly generated random number together, and then encrypts the hash result into authentication service information by using a private key of the authentication service to be sent to the target software.
The target software authenticates to the authorization service whether the authorization is valid. In the process, the target software generates a random number, the serial number and the authorization service information are packaged together, and an authorization application file is generated and delivered to a user by encrypting a public key of the authorization service pre-stored in the target software.
And the user uploads the authorization application file to the authorization service.
And after the authorization service uses the private decryption authorization application of the authorization service, the authentication service public key is used for decrypting the authentication service information. And comparing the serial numbers, and authenticating the service MD5. If both items are legal, the random number brought by the authentication service, the authorization information and the random number of the target software are firstly encrypted by using the authentication service private key, then the authorization information is added again by using the ciphertext, the random number of the target software is encrypted by using the private key of the authorization service, and an authorization file is generated and sent to the user.
The user uploads the authorization file to the target software.
And the target software decrypts the file by using the public key of the authorization service, compares whether the random number is the random number generated randomly or not, and if the random number is legal, uploads the authentication service information to the authentication service and records the authorization information.
And the authentication service uses the private key thereof for decryption, and if the random number is the generated random number, records the authorization information and the random number randomly generated by the target software and informs the target software of finishing authorization.
The target software informs the user that authorization was successful.
The target software authenticates the authorization to the authentication service at a fixed time. The target software packages the authorization content and the generated random number, encrypts the authorization content and the generated random number through an authentication service public key stored in the target software, and sends the encrypted authorization content and the generated random number to the authentication service.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
And if the authorization is legal, the target software is informed that the authorization is legal. The authentication service in the process uses the private key of the authentication service to encrypt, and the target software uses the public key to decrypt and then confirms.
Referring to fig. 3, a notification module 303 is used for notifying the target software of the completion of the authorization.
And after the authorization or the authentication is finished, sending a message to the target software to inform the target software of finishing the authorization.
The foregoing description is only exemplary of the preferred embodiments of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the application referred to in the present application is not limited to the embodiments in which the above-mentioned features are combined in particular, and also encompasses other embodiments in which the above-mentioned features or their equivalents are combined arbitrarily without departing from the concept of the application. For example, the above features may be replaced with (but not limited to) features having similar functions as those described in this application.

Claims (10)

1. A software authorization implementation method in a cloud scenario is characterized by comprising the following steps:
installing an authentication service;
obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
and informing the target software of the completion of authorization.
2. The method for implementing software authorization in the cloud scenario according to claim 1, wherein the installing the authentication service includes:
the CPU serial number and the mainboard serial number of the host are hashed by using MD5, then the CPU serial number and the mainboard serial number are packaged with a newly generated public key of an asymmetric secret key and a random number, the public key of an authorization service is used for encrypting to generate a file for registration, the public key of an authentication service and the MD5 hash value are recorded by the authorization service, the random number is encrypted by using a private key of the authorization service to generate the file, the file is imported, the public key of the authorization service is used for decrypting by the authentication service, and the decrypted random number is the random number generated before and is considered that the authentication service is installed successfully.
3. The method for realizing software authorization in the cloud scenario according to claim 1, further comprising: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
4. The software authorization implementation method in the cloud scenario according to claims 1 to 3, further comprising: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
5. The software authorization implementation method in the cloud scenario according to claim 4, wherein the authentication service verifies whether the function authorization scope and the authorization time of the target software are legal, and includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
6. A software authorization implementation device in a cloud scenario is characterized by comprising:
the installation module is used for installing the authentication service;
the authorization module is used for obtaining an authorization serial number from an authorization service and carrying out authorization authentication on target software based on the serial number, and comprises: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective from the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
and the notification module is used for notifying the completion of the authorization of the target software.
7. The device for implementing software authorization in the cloud scenario according to claim 6, wherein the installing authentication service includes:
the CPU serial number and the mainboard serial number of the host are hashed by using MD5, then the CPU serial number and the mainboard serial number are packaged with a newly generated public key of an asymmetric secret key and a random number, the public key of an authorization service is used for encrypting to generate a file for registration, the public key of an authentication service and the MD5 hash value are recorded by the authorization service, the random number is encrypted by using a private key of the authorization service to generate the file, the file is imported, the public key of the authorization service is used for decrypting by the authentication service, and the decrypted random number is the random number generated before and is considered that the authentication service is installed successfully.
8. The device for implementing software authorization in the cloud scenario according to claim 6, further comprising: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
9. The device for realizing software authorization in the cloud scenario according to claims 6 to 8, further comprising: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
10. The device for realizing software authorization in the cloud scenario according to claim 9, wherein the authentication service verifies whether the function authorization scope and the authorization time of the target software are legal or not, and includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
CN202211223882.9A 2022-10-08 2022-10-08 Software authorization implementation method in cloud scene Pending CN115510401A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211223882.9A CN115510401A (en) 2022-10-08 2022-10-08 Software authorization implementation method in cloud scene

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211223882.9A CN115510401A (en) 2022-10-08 2022-10-08 Software authorization implementation method in cloud scene

Publications (1)

Publication Number Publication Date
CN115510401A true CN115510401A (en) 2022-12-23

Family

ID=84507558

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211223882.9A Pending CN115510401A (en) 2022-10-08 2022-10-08 Software authorization implementation method in cloud scene

Country Status (1)

Country Link
CN (1) CN115510401A (en)

Similar Documents

Publication Publication Date Title
US7270193B2 (en) Method and system for distributing programs using tamper resistant processor
WO2019020051A1 (en) Method and apparatus for security authentication
US11640448B2 (en) License confirmation via embedded confirmation challenge
US8538890B2 (en) Encrypting a unique cryptographic entity
CN110855426B (en) Method for software use authorization
JP2009116901A (en) Method for updating, method for sending, servers and terminals
US11093587B2 (en) Software wrapper and installer using timestamp validation and system identification validation
US7995766B2 (en) Group subordinate terminal, group managing terminal, server, key updating system, and key updating method therefor
CN110414248B (en) Method for debugging microprocessor and microprocessor
US20220417241A1 (en) Methods, Systems, and Devices for Server Control of Client Authorization Proof of Possession
US11258601B1 (en) Systems and methods for distributed digital rights management with decentralized key management
JP2004005585A (en) Server apparatus and program management system
CN109446752B (en) Copyright file management method, system, device and storage medium
JP2009251977A (en) Software installation system
CN110619194B (en) Upgrade package encryption and decryption methods and devices
CN110807210B (en) Information processing method, platform, system and computer storage medium
KR101711024B1 (en) Method for accessing temper-proof device and apparatus enabling of the method
US8355508B2 (en) Information processing apparatus, information processing method, and computer readable recording medium
CN107241341B (en) Access control method and device
CN115510401A (en) Software authorization implementation method in cloud scene
KR100367094B1 (en) Online distribution method of computer programs
CN113139162A (en) Software verification method, software and hardware binding method and programmable device thereof
CN109981678B (en) Information synchronization method and device
CN115168811B (en) Software anti-cracking method and device
CN113946799B (en) Application program source code protection method and server

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination