CN115510401A - Software authorization implementation method in cloud scene - Google Patents
Software authorization implementation method in cloud scene Download PDFInfo
- Publication number
- CN115510401A CN115510401A CN202211223882.9A CN202211223882A CN115510401A CN 115510401 A CN115510401 A CN 115510401A CN 202211223882 A CN202211223882 A CN 202211223882A CN 115510401 A CN115510401 A CN 115510401A
- Authority
- CN
- China
- Prior art keywords
- authorization
- service
- target software
- authentication
- authentication service
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 35
- 238000013475 authorization Methods 0.000 claims abstract description 292
- 238000009434 installation Methods 0.000 claims description 14
- 230000006855 networking Effects 0.000 description 3
- 238000012856 packing Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/101—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
- G06F21/1011—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities to devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/107—License processing; Key processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The application provides a method and a device for realizing software authorization in a cloud scene, wherein the method comprises the following steps: installing an authentication service; obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded; the target software is notified that authorization is complete. The method authorizes the target software through the authentication service and the authorization service, and does not depend on the hardware characteristics of the target software.
Description
Technical Field
The application requests to protect a software copyright control technology, and particularly relates to a software authorization implementation method in a cloud scene. The application also relates to a software authorization implementation device in the cloud scene.
Background
Software authorization is a mode of operation of software that is typically used by developers to control the distribution of rights to software. After the software developer sells the software, the software runs locally, and the authorized license needs to be always stored in the authorization server. Therefore, software authorization requires that the client software has networking conditions, and can be networked at any time or at every fixed time according to specific requirements, so as to realize tracking and management of software authorization.
Currently, in a cloud computing scenario, software is run in a virtual machine. The virtual machine has the characteristics of uncertain hardware characteristics, random copying of the whole machine, deletion of the whole machine and the like. Therefore, the conventional software authorization method based on hardware binding is not suitable for the cloud computing environment.
Disclosure of Invention
In order to solve one or more problems in the background art, the present application provides a software authorization implementation method in a cloud scenario. The application also relates to a software authorization implementation device in the cloud scene.
The application provides a software authorization implementation method in a cloud scene, which comprises the following steps:
installing an authentication service;
obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
the target software is notified that authorization is complete.
Optionally, the installing the authentication service includes:
after hashing a CPU serial number and a mainboard serial number of a host by using MD5, packing the hashed numbers, a newly generated public key of an asymmetric key and a random number, encrypting by an authorization service public key to generate a file for registration, recording the public key and the MD5 hashed value of an authentication service by the authorization service, encrypting the random number by using a private key of the authorization service to generate the file, importing the file, decrypting by using the public key of the authorization service by the authentication service, and considering that the authentication service is successfully installed if the decrypted random number is the random number generated before.
Optionally, the method further includes: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
Optionally, the method further includes: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
Optionally, the verifying whether the function authorization range and the authorization time of the target software are legal by the authentication service includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
The present application further provides a device for implementing software authorization in a cloud scenario, including:
the installation module is used for installing the authentication service;
the authorization module is used for obtaining an authorization serial number from an authorization service and carrying out authorization authentication on target software based on the serial number, and comprises: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective from the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
and the notification module is used for notifying the completion of the authorization of the target software.
Optionally, the installing the authentication service includes:
the CPU serial number and the mainboard serial number of the host are hashed by using MD5, then the CPU serial number and the mainboard serial number are packaged with a newly generated public key of an asymmetric secret key and a random number, the public key of an authorization service is used for encrypting to generate a file for registration, the public key of an authentication service and the MD5 hash value are recorded by the authorization service, the random number is encrypted by using a private key of the authorization service to generate the file, the file is imported, the public key of the authorization service is used for decrypting by the authentication service, and the decrypted random number is the random number generated before and is considered that the authentication service is installed successfully.
Optionally, the method further includes: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
Optionally, the method further includes: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
Optionally, the verifying whether the function authorization range and the authorization time of the target software are legal by the authentication service includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
Compared with the prior art, the application has the advantages that:
the application provides a software authorization implementation method in a cloud scene, which comprises the following steps: installing an authentication service; obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded; the target software is notified that authorization is complete. The target software is authorized through the authentication service and the authorization service, and the hardware characteristics of the target software are not depended on.
Drawings
Fig. 1 is a flowchart of software authorization implementation in a cloud scenario in the present application.
Fig. 2 is a flowchart of authorization determination in the present application.
Fig. 3 is a schematic diagram of a software authorization implementation apparatus in a cloud scenario in the present application.
Detailed Description
The following is an example of a specific implementation process provided for explaining the technical solutions to be protected in the present application in detail, but the present application may also be implemented in other ways than those described herein, and a person skilled in the art may implement the present application by using different technical means under the guidance of the idea of the present application, so that the present application is not limited by the following specific embodiments.
The application provides a software authorization implementation method in a cloud scene, which comprises the following steps: installing an authentication service; obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded; the target software is notified that authorization is complete. The target software is authorized through the authentication service and the authorization service, and the hardware characteristics of the target software are not depended on.
Fig. 1 is a flowchart of software authorization implementation in a cloud scenario in the present application.
Referring to fig. 1, S101 installs an authentication service;
the authentication service is used for authenticating the target software, namely judging whether the target software obtains the use permission. In this application, the authentication service needs to be installed on a physical server, and the first installation mode of the authentication service is as follows:
step 1, hashing a CPU serial number and a mainboard serial number of a host by using MD5 to obtain a hashing result;
step 2, packing the hash result, a newly generated public key of the asymmetric key and a random number to generate a packed file;
step 3, encrypting the favorite packaged file through the authorization service public key to generate a registration file;
step 4, the staff registers in the authorization service place, and the authorization service records the public key and the MD5 hashed value of the authentication service;
and 5, encrypting the random number by using a private key of the authorization service to generate an installation file, importing the installation file by a worker, and considering that the authentication service is successfully installed after the authentication service uses a public key of the authorization service to decrypt the installation file into the previously generated random number.
Referring to fig. 1, S102 obtains an authorization serial number from an authorization service, and performs authorization authentication on target software based on the serial number, including: and the target software acquires authentication information from the authentication service, identifies whether the authorization is effective in the authorization service, and uploads the authentication service information to the authentication service and records the authorization information if the authorization is effective. The authorization service is connected with the data center through the Internet according to the authorization server.
And completing the installation of the authentication service, namely performing the authorization and authentication of the target software. In the present application, the authorization and authentication are divided into two ways according to whether the target software is network-enabled or not.
Firstly, the online authorization and authentication process comprises the following steps:
and under the condition that the software can be networked, after the authentication service installs a result, preferably acquiring an authorization serial number to authorize the target software. In the application, the authorization serial number is obtained through authorization service, and the specific mode is that a worker applies for the authorization serial number to the authorization service, and the authorization service sends the authorization serial number to the worker and finally delivers the authorization serial number to a user.
Further, the authorization serial number is input in an authorization operation interface of the target software, and authorization authentication is performed on the target software by using the authorization serial number.
Specifically, after obtaining the authorization serial number, the target software requests the authorization service to determine whether authorization is valid, with reference to fig. 2, the steps are as follows:
s201, obtaining a random number, packaging the random number and the authorization serial number, and encrypting and sending the random number and the authorization serial number to authorization service through a public key pre-stored in an authorization server of target software.
S202, the authorization service uses the private decryption of the authorization service, and if the authorization is valid, the authorization service issues the authorization content and the random number of the target software to the authentication service. Meanwhile, the authorization service uses the private decryption of the authorization service, if the authorization is valid, the authorization service encrypts the authorization content through the authorization service private key and then sends the encrypted authorization content to the target software, and the target software is stored locally in the form of the received ciphertext and is decrypted when being used.
S203, the target software pops up a prompt of successful authentication.
Further, the target software authenticates whether the authorization is legal or not to the authentication service at a fixed time. The target software packages the authorization content and the random number, encrypts and sends the authorization content and the random number to the authentication service through the authentication service public key stored in the target software.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service. And if the authorization is legal, the target software is informed that the authorization is legal. The authentication service in the process uses the private key of the authentication service to encrypt, and the target software uses the public key to decrypt and then confirms.
Secondly, an off-line authorization and authentication process:
the off-line authorization and authentication means that the data center does not perform networking communication with a server where the authorization service is located, and at this time, the generated authorization serial number of the authorization service can still be obtained by a worker and delivered to a user for authorization of the target software.
Furthermore, the target software acquires authentication service information from the authentication service, then the authentication service hashes the CPU serial number of the host and the mainboard serial number by using MD5 to generate a hash result, packs the hash result and a newly generated random number together, and then encrypts the hash result into authentication service information by using a private key of the authentication service to be sent to the target software.
The target software authenticates to the authorization service whether the authorization is valid. In the process, the target software generates a random number, the serial number and the authorization service information are packaged together, and an authorization application file is generated and delivered to a user by encrypting a public key of the authorization service pre-stored in the target software.
And the user uploads the authorization application file to the authorization service.
And after the authorization service uses the private decryption authorization application of the authorization service, the authentication service public key is used for decrypting the authentication service information. And comparing the serial numbers, and authenticating the service MD5. If both items are legal, the random number brought by the authentication service and the authorization information and the random number of the target software are firstly encrypted by using the private key of the authentication service, then the authorization information is added again by using the ciphertext and the random number of the target software is encrypted by using the private key of the authorization service, and an authorization file is generated and sent to the user.
The user uploads the authorization file to the target software.
And the target software decrypts the file by using the public key of the authorization service, compares whether the random number is the random number generated randomly or not, and if the random number is legal, sends the authentication service information to the authentication service and records the authorization information.
And the authentication service uses the private key thereof for decryption, and if the random number is the generated random number, records the authorization information and the random number randomly generated by the target software and informs the target software of finishing authorization.
The target software informs the user that authorization was successful.
The target software authenticates the authorization to the authentication service at a fixed time. The target software packages the authorization content and the generated random number, encrypts the authorization content and the generated random number through an authentication service public key stored in the target software, and sends the encrypted authorization content and the generated random number to the authentication service.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
And if the authorization is legal, the target software is informed that the authorization is legal. In the process, the authentication service uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
Referring to fig. 1, S103 notifies the target software of the completion of authorization.
And after the authorization or the authentication is finished, sending a message to the target software to inform the target software of finishing the authorization.
The present application further provides a device for implementing software authorization in a cloud scenario, including: an installation module 301, an authorization module 302, and a notification module 303.
Referring to fig. 3, an installation module 301 is used for installing an authentication service;
the authentication service is used for authenticating the target software, namely judging whether the target software obtains the use permission. In this application, the authentication service needs to be installed on a physical server, and the first installation mode of the authentication service is as follows:
step 1, hashing a CPU serial number and a mainboard serial number of a host by using MD5 to obtain a hashing result;
step 2, packing the hash result, a newly generated public key of the asymmetric key and a random number to generate a packed file;
step 3, encrypting the favorite packaged file through the authorization service public key to generate a registration file;
step 4, the staff registers in the authorization service place, and the authorization service records the public key and the MD5 hashed value of the authentication service;
and 5, encrypting the random number by using a private key of the authorization service to generate an installation file, importing the installation file by a worker, and considering that the authentication service is successfully installed after the authentication service uses a public key of the authorization service to decrypt the installation file into the previously generated random number.
Referring to fig. 3, the authorization module 302 is configured to obtain an authorization serial number from an authorization service, and perform authorization authentication on target software based on the serial number, including: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective from the authorization service, if so, the authentication service information is uploaded to the authentication service, and the authorization information is recorded at the same time
And after the installation of the authentication service is completed, the authorization and the authentication of the target software can be performed. In the present application, the authorization and authentication are divided into two ways according to whether the target software is network-enabled or not.
Firstly, the online authorization and authentication process:
under the condition that the software can be networked, after the authentication service installs a result, an authorization serial number is preferably required to be acquired so as to authorize the target software. In the application, the authorization serial number is obtained through authorization service, and the specific mode is that a worker applies for the authorization serial number to the authorization service, and the authorization service sends the authorization serial number to the worker and finally delivers the authorization serial number to a user.
Further, the authorization serial number is input in an authorization operation interface in the target software, and authorization identification is carried out on the target software by using the authorization serial number.
Specifically, after obtaining the authorization serial number, the target software requests the authorization service to determine whether authorization is valid, and the steps are as follows:
firstly, a random number is obtained, the random number and the authorization serial number are packaged, and then the random number and the authorization serial number are encrypted and sent to an authorization service through a public key which is pre-stored in an authorization server of target software.
Secondly, the authorization service uses the private decryption of the authorization service, and if the authorization is valid, the authorization service issues the authorization content and the random number of the target software to the authentication service. Meanwhile, the authorization service uses the private decryption of the authorization service, if the authorization is valid, the authorization service encrypts the authorization content through the authorization service private key and then sends the encrypted authorization content to the target software, and the target software is stored locally in the form of the received ciphertext and is decrypted when being used.
And finally, popping up a prompt of successful authentication by the target software.
Further, the target software identifies whether the authorization is legal or not to the authentication service according to fixed time. The target software packages the authorization content and the random number, encrypts and sends the authorization content and the random number to the authentication service through the authentication service public key stored in the target software.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service. And if the authorization is legal, the target software is informed that the authorization is legal. In the process, the authentication service uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
Secondly, an off-line authorization and authentication process:
the off-line authorization and authentication means that the data center does not perform networking communication with a server where the authorization service is located, and at this time, the generated authorization serial number of the authorization service can still be obtained by a worker and delivered to a user for authorization of the target software.
Furthermore, the target software acquires authentication service information from the authentication service, then the authentication service hashes the CPU serial number of the host and the mainboard serial number by using MD5 to generate a hash result, packs the hash result and a newly generated random number together, and then encrypts the hash result into authentication service information by using a private key of the authentication service to be sent to the target software.
The target software authenticates to the authorization service whether the authorization is valid. In the process, the target software generates a random number, the serial number and the authorization service information are packaged together, and an authorization application file is generated and delivered to a user by encrypting a public key of the authorization service pre-stored in the target software.
And the user uploads the authorization application file to the authorization service.
And after the authorization service uses the private decryption authorization application of the authorization service, the authentication service public key is used for decrypting the authentication service information. And comparing the serial numbers, and authenticating the service MD5. If both items are legal, the random number brought by the authentication service, the authorization information and the random number of the target software are firstly encrypted by using the authentication service private key, then the authorization information is added again by using the ciphertext, the random number of the target software is encrypted by using the private key of the authorization service, and an authorization file is generated and sent to the user.
The user uploads the authorization file to the target software.
And the target software decrypts the file by using the public key of the authorization service, compares whether the random number is the random number generated randomly or not, and if the random number is legal, uploads the authentication service information to the authentication service and records the authorization information.
And the authentication service uses the private key thereof for decryption, and if the random number is the generated random number, records the authorization information and the random number randomly generated by the target software and informs the target software of finishing authorization.
The target software informs the user that authorization was successful.
The target software authenticates the authorization to the authentication service at a fixed time. The target software packages the authorization content and the generated random number, encrypts the authorization content and the generated random number through an authentication service public key stored in the target software, and sends the encrypted authorization content and the generated random number to the authentication service.
The authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
And if the authorization is legal, the target software is informed that the authorization is legal. The authentication service in the process uses the private key of the authentication service to encrypt, and the target software uses the public key to decrypt and then confirms.
Referring to fig. 3, a notification module 303 is used for notifying the target software of the completion of the authorization.
And after the authorization or the authentication is finished, sending a message to the target software to inform the target software of finishing the authorization.
The foregoing description is only exemplary of the preferred embodiments of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the application referred to in the present application is not limited to the embodiments in which the above-mentioned features are combined in particular, and also encompasses other embodiments in which the above-mentioned features or their equivalents are combined arbitrarily without departing from the concept of the application. For example, the above features may be replaced with (but not limited to) features having similar functions as those described in this application.
Claims (10)
1. A software authorization implementation method in a cloud scenario is characterized by comprising the following steps:
installing an authentication service;
obtaining an authorization serial number from an authorization service, and performing authorization authentication on target software based on the serial number, wherein the authorization authentication comprises the following steps: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective in the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
and informing the target software of the completion of authorization.
2. The method for implementing software authorization in the cloud scenario according to claim 1, wherein the installing the authentication service includes:
the CPU serial number and the mainboard serial number of the host are hashed by using MD5, then the CPU serial number and the mainboard serial number are packaged with a newly generated public key of an asymmetric secret key and a random number, the public key of an authorization service is used for encrypting to generate a file for registration, the public key of an authentication service and the MD5 hash value are recorded by the authorization service, the random number is encrypted by using a private key of the authorization service to generate the file, the file is imported, the public key of the authorization service is used for decrypting by the authentication service, and the decrypted random number is the random number generated before and is considered that the authentication service is installed successfully.
3. The method for realizing software authorization in the cloud scenario according to claim 1, further comprising: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
4. The software authorization implementation method in the cloud scenario according to claims 1 to 3, further comprising: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
5. The software authorization implementation method in the cloud scenario according to claim 4, wherein the authentication service verifies whether the function authorization scope and the authorization time of the target software are legal, and includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
6. A software authorization implementation device in a cloud scenario is characterized by comprising:
the installation module is used for installing the authentication service;
the authorization module is used for obtaining an authorization serial number from an authorization service and carrying out authorization authentication on target software based on the serial number, and comprises: the target software acquires authentication information from the authentication service, and identifies whether the authorization is effective from the authorization service, if so, the authentication service information is uploaded to the authentication service and the authorization information is recorded;
and the notification module is used for notifying the completion of the authorization of the target software.
7. The device for implementing software authorization in the cloud scenario according to claim 6, wherein the installing authentication service includes:
the CPU serial number and the mainboard serial number of the host are hashed by using MD5, then the CPU serial number and the mainboard serial number are packaged with a newly generated public key of an asymmetric secret key and a random number, the public key of an authorization service is used for encrypting to generate a file for registration, the public key of an authentication service and the MD5 hash value are recorded by the authorization service, the random number is encrypted by using a private key of the authorization service to generate the file, the file is imported, the public key of the authorization service is used for decrypting by the authentication service, and the decrypted random number is the random number generated before and is considered that the authentication service is installed successfully.
8. The device for implementing software authorization in the cloud scenario according to claim 6, further comprising: and setting preset fixed time, and identifying whether the authorization is legal or not to the authentication service based on the preset fixed time.
9. The device for realizing software authorization in the cloud scenario according to claims 6 to 8, further comprising: the authentication service verifies whether the function authorization range and the authorization time of the target software are legal or not, and judges whether an authorization authentication request is only made once within a fixed time interval or not. If the condition is not met, the target software is considered to be used in an unauthorized way, and the target software is informed to suspend service.
10. The device for realizing software authorization in the cloud scenario according to claim 9, wherein the authentication service verifies whether the function authorization scope and the authorization time of the target software are legal or not, and includes:
if the target software is legal, the target software is informed that the authorization is legal, the authentication service in the process uses a private key of the authentication service to encrypt, and the target software uses a public key to decrypt and then confirms.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211223882.9A CN115510401A (en) | 2022-10-08 | 2022-10-08 | Software authorization implementation method in cloud scene |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211223882.9A CN115510401A (en) | 2022-10-08 | 2022-10-08 | Software authorization implementation method in cloud scene |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115510401A true CN115510401A (en) | 2022-12-23 |
Family
ID=84507558
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211223882.9A Pending CN115510401A (en) | 2022-10-08 | 2022-10-08 | Software authorization implementation method in cloud scene |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115510401A (en) |
-
2022
- 2022-10-08 CN CN202211223882.9A patent/CN115510401A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7270193B2 (en) | Method and system for distributing programs using tamper resistant processor | |
WO2019020051A1 (en) | Method and apparatus for security authentication | |
US11640448B2 (en) | License confirmation via embedded confirmation challenge | |
US8538890B2 (en) | Encrypting a unique cryptographic entity | |
CN110855426B (en) | Method for software use authorization | |
JP2009116901A (en) | Method for updating, method for sending, servers and terminals | |
US11093587B2 (en) | Software wrapper and installer using timestamp validation and system identification validation | |
US7995766B2 (en) | Group subordinate terminal, group managing terminal, server, key updating system, and key updating method therefor | |
CN110414248B (en) | Method for debugging microprocessor and microprocessor | |
US20220417241A1 (en) | Methods, Systems, and Devices for Server Control of Client Authorization Proof of Possession | |
US11258601B1 (en) | Systems and methods for distributed digital rights management with decentralized key management | |
JP2004005585A (en) | Server apparatus and program management system | |
CN109446752B (en) | Copyright file management method, system, device and storage medium | |
JP2009251977A (en) | Software installation system | |
CN110619194B (en) | Upgrade package encryption and decryption methods and devices | |
CN110807210B (en) | Information processing method, platform, system and computer storage medium | |
KR101711024B1 (en) | Method for accessing temper-proof device and apparatus enabling of the method | |
US8355508B2 (en) | Information processing apparatus, information processing method, and computer readable recording medium | |
CN107241341B (en) | Access control method and device | |
CN115510401A (en) | Software authorization implementation method in cloud scene | |
KR100367094B1 (en) | Online distribution method of computer programs | |
CN113139162A (en) | Software verification method, software and hardware binding method and programmable device thereof | |
CN109981678B (en) | Information synchronization method and device | |
CN115168811B (en) | Software anti-cracking method and device | |
CN113946799B (en) | Application program source code protection method and server |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |