EP0203066A1 - Steuerung der sicherheit und der verwendung - Google Patents

Steuerung der sicherheit und der verwendung

Info

Publication number
EP0203066A1
EP0203066A1 EP19850900596 EP85900596A EP0203066A1 EP 0203066 A1 EP0203066 A1 EP 0203066A1 EP 19850900596 EP19850900596 EP 19850900596 EP 85900596 A EP85900596 A EP 85900596A EP 0203066 A1 EP0203066 A1 EP 0203066A1
Authority
EP
European Patent Office
Prior art keywords
instructions
information
security
usage
sur
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP19850900596
Other languages
English (en)
French (fr)
Inventor
Paul Guignard
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Publication of EP0203066A1 publication Critical patent/EP0203066A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering

Definitions

  • This invention relates to security and usage monitoring and relates generally to the prevention of unauthorised use of computer programmes or data or * materials to be used and broadly includes a method for preventing the copying and subsequent re-use of a computer programme without accounting for that use, to various forms of hardware for use with existing computers to enable this to be performed, and also to a total system whereby computer programmes or data or materials to be used can be held at a main store and where a computer can request a programme or data or materials to be used from that store and permit such programme or data or materials to be used only when its use is accounted for.
  • the invention is not limited solely to use in relation to computers as it may be extended to control usage of materials in a device. Notwithstanding this- the description will be generally addressed to the computer field.
  • This invention does not contemplate the prevention of direct copying of the software. Instead every time a programme is used in a computer it is proposed that the user eventually pay for use of that programme.
  • the computer is, in turn, attached to a security and usage register means (SUR.) which will inhibit the computer from using the software unless that SUR has a matching key code therein for that particular software programme. Thus a match must be made of the stored key code with the programme key code.
  • SUR security and usage register means
  • This allows the programme to operate in the computer and increments a usage register in SUR. Each time the programme is required to operate with the computer this SUR is first accessed by the computer to see if that SUR contains the key code for that programme.
  • Each programme is such that if it is pirated from a computer with a SUR which controls the operation of the computer with the programme and then placed in a computer which does not have such a SUR, then it will not be able to run with that computer because the initial sub-routine in the programme will first require matching of key codes in a SUR to enable the main programme or user programme to run. In other words the initial programme will require decoding keys to be obtained before it can operate with the computer.
  • a method of controlling the use,of a device which when operating, passes therethrough,, instructions, information or material to be used having at least one key code associated therewith, said method comprising:-
  • step (b) comparing the key code in step (a) for a match with a key code held in a holding means.
  • step (c) if a match of respective key codes is not made at step (b) inhibiting passing of said instructions, information or material to be used through said device, and (d) if a match of respective key codes is made at step (b) allowing said instructions, information or material to be used to pass through said device, and (e) following a match being made of respective key codes at step (b) incrementing a usage register, and optionally
  • each programme is identified by its own code (which is different to the key code) and a register stores information as to the number of times that particular programme is used, thus permitting different charges to be made for different programme usages .
  • the accounting for use is by incrementing a usage register.
  • the method proposes that a computer obtain programmes from a store which may be remote from the computer, such as at a central store which could be at a software house.
  • the programme is requested from the central store, key codes for that programme are sent to the computer, via the SUR.
  • This SUR transmits codes to the computer to enable the software to be used with the computer after the usage register has been incremented.
  • Both key codes and programme codes i.e. numbers are desirably stored in a memory in the SUR.
  • the method proposes that in order for the programme to operate with the computer it must have a match of the necessary key codes for that programme.
  • the SUR of the computer attempting to use the pirated programme may not have the required programme keys. If it does not have the key codes, these must be obtained from another source such as from a central store before the programme can be used. Once the key codes are obtained, the SUR will allow the computer to operate with the programme and it will increment the usage register and eventually a usage charge can be made. All programmes contain at least one sub-routine, which requires key codes to be obtained before the main programme can be used.
  • Such sub-routines may be only at the start of a particular programme or alternatively there may be many such sub-routines during a programme requiring the key codes to be obtained before the next stage of the programme can be commenced. Alternatively some processing may be initiated in SUR prior to the balance of the programme being freed for use.
  • the register need not be incremented every time a key code is obtained during one programme.
  • the initial key code obtained may be the only step which increments the register for that programme use.
  • a system is proposed by using a multitude of key code obtaining steps which will inhibit the attempted cracking of the programme by pirates. Further each key code required during the entire programme may be different to that during a preceding sub-routine. This will make the task of a person attempting to crack the key codes so as to use a pirated copy of the programme without incrementing the usage register even more difficult.
  • programmes be initially stored at a central store, such as a software house, and then transferred to a computer via cable or telephone line or the like line when first required.
  • the programme may then be subsequently stored at the computer.
  • the key code for that programme is intended to be ultimately stored at the computer site.
  • the storing of the programme may be on disc or in microcircuits within the computer.
  • the storing of the key code is preferably in a memory in hardware in the SUR which may be integral with the computer.
  • the invention also proposes in another aspect a computer fitted with hardware to enable the method to be performed.
  • the invention also proposes in another aspect, a store at a remote location fitted with hardware to enable either a programme or keys or both to be transmitted to a computer so that the programme can be used on that computer.
  • the invention also proposes a security and usage monitoring means for a device which, when operating, passes therethrough, instructions, information or material to be used, said instructions, information or material to be used having at least one key code associated therewith, said security and usage monitoring means comprising,
  • the security and usage monitoring means includes separate store means which stores not only the number of times a programme or data or material to be used is used but also which programme or data or material is used so that a billing or a check can be made related to the particular programme or data or material usage.
  • Figure 1 is a block circuit diagram of one embodiment
  • Figure 2 is a block circuit diagram of a similar but different embodiment
  • Figure 3 is a block circuit diagram of a further embodiment
  • Figure 4 is a block circuit diagram of a further embodiment
  • Figure 5 is a block circuit diagram of a further embodiment
  • Figure 6 is a block circuit diagram of a still further embodiment;
  • Figure 7 is a block circuit diagram of a SUR;
  • Figure 8 is a detailed circuit diagram of a sealed circuit part of the SUR shown in Figure 9;
  • Figures 9 through 18 are block circuit diagrams of network arrangements.
  • Figures 19 through 24 are flow diagrams of programme steps in different operations of SUR.
  • FIG. 1 there is shown a circuit diagram of one embodiment.
  • a device PC such as a computer which may be a personal computer PC.
  • the invention is applicable not only to computer arts but to arts where a device is used with instructions, information or material to be used.
  • the device may, in fact, be a machine which consumes materials and wherein those materials are coded with a key prior to entry into the machine.
  • the device may be a machine which is operating with a set of instructions or data information which may be suitably coded prior to entering the machine.
  • the device PC is connected with a security and usage register SUR.
  • the security and usage register contains means for holding keys therein.
  • the holding means comprises an electronic memory.
  • the keys are available in this security and usage register SUR, then an instruction is sent back to the device PC from the security and usage register SUR to enable the device PC to operate with the instructions, information or material to be used.
  • the actual usage register within the SUR may be incremented at the time when there is a match of the keys in SUR with the keys in the instructions, information or material to be used. Alternatively the usage register may be incremented at some other convenient time such as on completion of usage of the instructions, information or material to be used.
  • the SUR contains means, such as a port, to permit access to the usage register so that it may be read.
  • the necessary software or programmes or data or other information which is required to operate with the computer can be obtained from any desired source.
  • programmes may, in fact, be pirated and/or copied programmes but because it is proposed herein that all programmes be provided with a sub-routine which requires matching of keys in the programme and in the SUR, then in order for the programme or data or information to operate with the computer, the computer must be fitted with a SUR. Accordingly, if the keys " are not present in the SUR then the programme cannot run.
  • a user can ring up a central store, such as a software house, and ascertain the keys verbally or electronically such as via a modem connection or other connection.
  • a user may be able to "look-up" a handbook or chart or like record to obtain the desired keys.
  • These keys can then be inserted into the security and -usage register SUR to enable the programme to run. Once there is a match of keys then the programme is able to run and at some convenient time the usage register in the SUR is incremented.
  • the SUR has a finite capacity in the register such that periodically the SUR will fill and will not be able to operate until such time as the information in the register is down loaded. In this way it is possible to ensure that regular and/or periodic payments are made for software usage.
  • the register may have sufficient capacity to store not only information relating to the number of times programmes are used but also information as * to which programmes are used or to usage patterns, so that if " required higher charges can be made for different programme usage or usage patterns. If desired the usage register can be made to automatically down load the register information to a suitable store at any time.
  • the key memory KM may be of • sufficient size to store say 100 keys so that a user does not have to regularly obtain desired keys from a central store or from a suitable chart.
  • the embodiment of Figure 3 it can be seen that it is almost identical to the embodiments of Figures 1 and 2, except, that in addition, there is provided a link between the SUR and a central store CE.
  • the central CE be a software house or like establishment where programmes and/or keys can be stored, such as in an electronically accessible memory.
  • connection between the SUR and the central CE is preferably by way of land lines such as by the local telephone network. Accordingly a modem not shown is contemplated between the SUR and the central CE.
  • an operator of the device PC may already have a programme for use with the device PC.
  • the keys may not be available in the SUR.
  • the SUR may be programmed to automatically connect via the land line to request a key from central CE.
  • Central CE in turn, can transmit the key back to the SUR and then the programme will be able to run with the device PC and at a suitable time the usage register in SUR can be incremented. If a key memory KM is provided as optionally shown in Figure 3, then the key can be suitably stored.
  • the programming register can be incremented.
  • the necessary keys may already be in the key memories KM of the SUR when a programme is requested from central CE and in this case it will not be necessary to obtain the necessary keys from the central CE when the programme is requested.
  • the central CE can be arranged to automatically access the usage register in SUR at any time.
  • SUR Software'codings are utilized to ensure that the actual programme unlocking procedure and the register are secure.
  • the information stored in SUR can be attempted to be obtained via software means or by hardware means.
  • a user might try to break into the SUR unit using his computer connected to it either in the normal way (the PC-SUR connection) or via a network (the fraudulent user substitutes his computer for a central). Protection can be achieved by message coding and hardware design.
  • By hardware access a user may try to make connection with the circuitry itself in order to plug his own monitoring unit directly on the IC's therein.
  • connection is made then a user could read confidential memory register information and study a SUR programme during its execution and possibly feed his own programme to SUR in order to gain control of the unit.
  • protection can be achieved by sealing the circuitry in - such a way that a break-in would either damage the circuitry completely or leave traces in the circuitry such as damage to electronic components that would be detected when the register is inspected for usage and when a charge is to be made.
  • the circuitry can have a programme in it ⁇ such that it will down-loa ' d all the register information to a central CE if fraudulent access is attempted. This variation would of course only apply where the computer system is interconnected with a central CE.
  • the SUR contains a read only memory ROM and a memory M.
  • the read only memory ROM contains software.
  • SUR functions are:- 1.
  • the key codes or the programme codes are directly available at the computer PC
  • FIG. 5 shows a configuration where a direct memory access (DMA) buffer separates the CPU of the SUR from the computer PC and the central CE.
  • DMA direct memory access
  • Bl and Dl are buffers accessed respectively by the computer PC, the central CE and the CPU of the SUR.
  • CC represents control connections.
  • an intermediate step is provided in the transfer of messages from the computer PC and the central CE to the CPU. This means that a higher level of protection can be built into the SUR unit against software attempts to disrupt it and pirate information.
  • the CPU is pre-programmed to inspect the content of a message only when the computer PC or the central CE have terminated their transfer to Bl or Dl.
  • a further:increase in the protection of the SUR is obtained by replacing the buffers Cl and Dl of Figure 5 by more complex circuitry as shown in Figure 6.
  • the circuitry decodes the messages and performs checks on their content to detect attempted frauds.
  • DCl represents a decoder for the computer PC to the SUR.
  • DC2 represents a decoder for the SUR to central CE communications.
  • B2 represents • a buffer for the SUR to PC communications.
  • D2 represents a buffer for the SUR to the central CE communications.
  • Decoders DCl and DC2 may be encryption/decryption devices using known encryption/decryption codes.
  • the buffers Bl and D2 are optional and may be deleted if desired.
  • DCl and DC2 decoders can be special purpose " chips or made from a few integrated circuits (shift registers for example) and may have their own buffers (not shown) for the communications.
  • DCl and DC2 may not only decode the messages, but also perform checks on their content to detect frauds. In this case an increased level of protection can be performed before the message is transferred to the CPU - before it could be used to tamper with the sensitive part of SUR. If an attempted fraud is detected the message in fact is terminated and never reaches the CPU.
  • Figure 7 shows a general block circuit diagram of a SUR device. It is composed of a sealed area 10 in which the circuitry is protected against physical access and of an open area where the IC's and other components can be readily accessed as in a normal PC board.
  • FIG. 8 there is shown a block circuit diagram of the sealed circuit 10 shown in Figure 7.
  • the main components of the sealed circuit 10 comprise a microprocessor 20, a read only memory 21, a RAM 22, a real time clock RTC 23, a battery back-up circuit 24 for the real time clock RTC and for the RAM circuit 22, a ROM/RAM select logic circuit 25, an I/O select logic circuit 26 and a supervisor control logic circuit 27 and various buffer interfaces 28.
  • the interface buffers 28 are under the control of the microprocessor 20 and the select logic circuits 25 and 26 and . the supervisor control logic 27. Therefore operations internal to the sealed circuit 10 can be carried out without any information reaching the open area on any of the necessary buses.
  • the sealed circuit can operate very much as a standard microprocessor board except that its communications with the open circuit are under strict control.
  • the supervisor control logic circuit 27 performs the following functions:-
  • the battery module of the sealed circuit 10 is designed for the purposes of protecting the data stored in the static RAM 22 and to operate the real time clock 23 for extended periods when the external power source may be disconnected or interrupted.
  • microprocessor 20 used can vary according to the applications considered necessary of the SUR device. Typical microprocessors are Zilog Z80,
  • the ROM 21 in the sealed circuit 10 contains software required to operate the SUR for the first time. That is, it contains software which opens up communications with the outside so that new software can be loaded. When this is done the new software operates the sealed circuit 10 and resets or restarts operations on the new software which is then loaded.
  • the sealed circuit is produced on a thick film hybrid module or by any other technique known in the electronic circuit arts.
  • the important aspect of the sealed circuit 10 is that it will be protected against access both physically and by unauthorised electrical access.
  • the SUR described in Figure 7 can be configured using "PRO-LOG" cards based on the STD product line manufactured by the PRO-LOG Corporation of California, U.S.A. Card 7804 for sealed area 10 (without • battery back up).
  • Card 7704 for the ROM/RAM circuit 11.
  • Card 7304 dual UART card for the serial ports shown at RS232.
  • Card 7605 -programmable - TTL I/O parallel ports.
  • Card 7388 floppy disc controller (FDC) for a disc drive which may be connected with the control logic 12 to store information.
  • FDC floppy disc controller
  • an extra byte wide memory may be included such as card 7704.
  • the control logic 12 in Figure 7 is distributed among several cards: cards 7304, 7605 and 7388 for the control logic pertaining to the serial ports, the parallel ports and the FDC respectively.
  • the operations of the SUR are as follows:-
  • the total memory space in SUR is made of two storage areas, one internal to the sealed circuit 10 and the other external.
  • the memory space inside the sealed circuit 10 is further divided into two - one ROM and a RAM shown by ROM/RAM 21 and 22.
  • the functions of the software in ROM 21 are to control and supervise the important operations of the SUR such as:- (a) Access to sealed ROM/RAM 21 and 22 and. • external RAM 11 and/or the floppy disk.
  • the RAM area in the sealed circuit contains less important keys of software and may contain some data. This information does not need to be encrypted as access to the sealed memory 21, 22 is under the control the microprocessor 20. All data stored in external memory is typically encrypted for protection against unauthorised inspection and corruption. An empty memory may contain some perhaps randomly generated, information so as to mask not only the presence, but also the absence of important data.
  • SUR When a programme is being called by the user, or during its execution, its identification number is sent to SUR. If the programme has already been used, this number already exists in SUR memory as in RAM 22, Figure 8, with its associated decoding key(s). SUR then sends a signal to the computer PC to unlock the programme, or part of it and increments the • usage register in SUR. The usage register is also in RAM 22, Figure 8.
  • the programme can send not only its identification number, but also some instruction in coded form that must be " interpreted by SUR using the basic key codes sent by CE, so that the key codes to be returned may vary from run to run (for example they could depend on the date or on the operation being performed in SUR or on the data being processed in PC). Every message received by SUR is first checked for syntax and format correctness to detect attempted frauds.
  • Each SUR unit is identified by a number and each unit possesses an initial decoding key (known to the central), that was decided upon at time of manufacture. Encoding keys may also reside in the unit.
  • a new set of keys may be sent to SUR via the network (so that each set of keys is used only for a limited period of time) .
  • SUR When a programme is run for the first time, its identification number is not present in SUR memory.
  • SUR calls the central CE, identifies itself, and requests the programme unlocking key(s) to be sent (in coded form) .
  • the central CE wishes to check the usage register, it calls the SUR unit, and initiates a programme in SUR that reads the programme numbers and their usage, and sends this information in coded form to the central CE. Checks are made to ensure that the data was not corrupted during its transfer. The usage registers in SUR are then reset. Each message received by SUR is first checked for syntax and format correctness to detect attempted frauds.
  • the embodiments of Figures 7 and 8 may be modified by inclusion of a second CPU wired in tandem with the CPU shown, so that such!processing can be performed in that CPU whilst other processing can be performed in the original CPU.
  • the original CPU may have a sub-routine therein to automatically transfer the instructions or data to the second CPU.
  • the second CPU may be in the sealed circuit 10 or it may be in the external circuit. If it is in the external circuit, then naturally if security of information is required, the transferred information will have to be encrypted.
  • FIG. 9 there is shown a network embodiment using a plurality of computers PCI, PC2, PC3, ETC interconnected on a network line together with a SUR connected on that line.
  • a modem MOD is shown connected with the SUR which in turn connects with a central CE.
  • Figure 10 shows a further variation of the network arrangement shown in Figure 9 but where the central CE is actually connected directly with the network.
  • Figure 11 shows a further variation of the networking possibilities wherein a plurality of computers are connected on a network line and only one or some of the computers are interconnected with a SUR and then connected with a modem MOD for subsequent connection to a central CE.
  • a SUR can control one or several P.C.'s.
  • Figure 12 shows a variation where a personal computer P.C. is connected with a data base.
  • the computer is interconnected with a SUR which in turn connects with a modem MOD.
  • a land line then connects modem MOD with the data base.
  • An encryption device E is located at the data base.
  • the computer can request data by the SUR and the SUR will in turn check if there are any key codes in the memory in SUR before fetching the data and allowing it to pass to the personal computer.
  • a usage register is then' incremented in SUR.
  • the SUR acts as a decryption device for the encrypted data which is returned from the data base. Suitable decryption codes are included within the memory within SUR.
  • Figure 13 shows a further variation where the computer is connected directly with the data base and wherein t ⁇ e computer is indirectly connected with a central via the intermediary of a SUR.
  • Figure 14 shows a further variation where both the data base and the central interconnect with the computer via the intermediary of a SUR.
  • Figure 15 shows a further variation where the data base and the central are at the same location and wherein the computer can have direct access to information in the central CE and the data base.
  • Figure 16 shows an even further variation where the data base and the central interconnect with the computer via the SUR but wherein the data base and the central are at separate locations.
  • the SUR will record information relating to the usage such as the time of access, the type of records being accessed or the like so that eventually an appropriate charge can be made for either the programmes and/or the data base information.
  • Figure 17 shows an even further variation where a machine is used to consume information, instructions and/or materials.
  • the machine MC is interconnected with a SUR which in turn is interconnected with a modem MOD which in turn is connected with a computer at a remote location optionally via the intermediary of an encrypter E.
  • the SUR can be arranged to receive key codes from the information, instructions and/or material to be used at the machine and check that the key codes are available. If they are not available they can be obtained in one of the ways previously mentioned and once a match is made then the information, instructions and/or materials to be used can be passed through the machine MC.
  • a computer can control the operation of the machine from a remote location.
  • a host computer to which a plurality of terminals Tl—T9 ETC are shown.
  • the host computer is interconnected with a front end processor FEP.
  • Host SURS (SUR 1, SUR 2, SUR 3) are in turn associated with the host computer host.
  • the SURS 1, 2 and 3 interconnect with a communications network which may be a local telephone network or some other communications network.
  • a central CE is shown interconnected with the front end processor FEP and with the communications network.
  • Each of the terminals are associated with one or more SUR devices as contemplated in previous embodiments.
  • Communication controllers COM are interconnected in various ways with SURS E and SUR F as; shown and permit communication to suitable ' terminals.
  • Each SUR can have either one or several network ports (compare SURS A and B at the user side) . Similarly each SUR can have one or several terminal ports (SURS B and C). It is possible to have fewer network than terminal ports (SUR C) .
  • the SURS next to the host usually have the same number of ports on the host side as the network side.
  • a SUR can be connected to a communication controller COM that can be either on the network or the terminal side (see SURS E and F) .
  • the SUR devices come in pairs; one on the terminal side and one on the host side. This configuration is required ' hen encryption-decryption of data between the host and the terminals is required.
  • each of the SURS include the necessary encryption-decryption codes.
  • the SURS at the host side do not normally perform any user identification access control and usage monitoring functions but simply permit the necessary transactions to be passed to the terminal side.
  • the SURS at the host side are basically the same as the SURS at the terminal side in hardware design except- that the necessary firm ware is not as complete as at the terminal side.
  • pairs of SURS When pairs of SURS are used they can be connected in several ways as shown - SURS 1 and A - one front end processor FEP line per terminal with the SURS servicing several such lines.
  • SURS 3 and C one line from FEP to the terminal SUR, but more than one terminal are being served.
  • the supervisor at the central CE communicates with the terminal SURS either via the FEP (line 10) or directly via the communication network (line 11) or directly to the host SURS (line 12). In the first case FEP simply re-routes the central messages to the appropriate terminal SURS, or the terminal SURS messages to the central CE.
  • the central CE is treated by FEP as another terminal location.
  • the communications central-terminals SURS are either re-routed by FEP as mentioned previously or are. independent of FEP.
  • the SUR in central CE communications are always encrypted even when re-routed by FEP and using line 7. In this instance the host SURS are not used for these communication exchanges.
  • the central CE communicates directly with the host SURS and through them can communicate to the terminal SURS.
  • a key code can be any string of 0's and l's and a key code matching operation refer to a comparison between 2 such strings, that may determine future operations or action.
  • central CE can only communicate with a SUR after it has satisfied this SUR of its (CE) identity, and is satisfied of the SURS identity. This is achieved by using known techniques of key management for data security and integrity in communication. See for example "Cryptography and Data Security" by D.E.R. Denning, Addison-Wesley, 1983.
  • central CE can send instructions to the SUR, get information from it, etc. For example CE can get access to thee usage information in the SUR by instructing it to use the routine that sends this information to central CE. Alternatively, if the routine is.not in SUR, central CE first sends the routine to SUR, and then instructs it to execute the routine. The routine may also include steps to reset the usage register.
  • FIG. 18 Shows the general operations of the SURS in a network as illustrated in Figure 18. It includes aspects of Figures 21, 22 and 23. Note that not all the operations shown are mandatory, as several are application specific.
  • the top of the illustration (down to - end of transaction? ⁇ ) illustrates operations " involving PC and SUR, but not the host. In addition to its security functions, SUR can perform other tasks such as carrying out and keeping a record of an off-line (no direct connection to the host) , financial transactions for example.
  • Protection of Programmes and Data Protection is based on programmes or data being designed or configured in such a way that they need to interact with a SUR to be usable.
  • the level of protection can be adjusted by the software writer or data producer. When passwords only are used, that must be checked in SUR, the protection is low. However when some decryption and processing must take place in SUR the protection can be much higher. Its level depends on a user not being able to guess what the coded information in software data means and does. This forces the user to rely on a SUR.
  • the other key aspect is the usage monitoring function of SUR with regular downloading of usage information to the central.
  • the joint aspects of protection and usage monitoring offer significant advantages to the user of data or software, its producer or writer, and to the industry in general.
  • the user can have access to a wide variety of software or databases, but he is charged solely in proportion to the use he makes of the resources. This is in contrast to the present situation where he usually has to pay a fixed amount, with little consideration for what he gets out of the products.
  • the software writer (and data producer) can expect increased revenues due to reduced or eliminated pirating, and to widened market base for his products that item from charging the users in proportion to usage.
  • the industry could greatly benefit by increased dynamism among software and data users and writers.
  • the invention has also the potential to bypass the problems of copyright of software and data, and of its enforceability.
  • Network Security The network security system using SURS as illustrated in Figure 18 has the following advantages: a) It relies on dedicated hardware and ' software for security functions in a network. b) Network security is independent of the data processing department, and does not require changes to the host's software. c) The decentralised security functions in each SUR act as buffer between terminals and network. Each SUR is a secure gateway to the network resources. d) The SUR system offers a comprehensive and integrated network security based on:

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
EP19850900596 1984-02-03 1985-02-04 Steuerung der sicherheit und der verwendung Withdrawn EP0203066A1 (de)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
AU3451/84 1984-02-03
AU345184 1984-02-03
AU7707/84 1984-10-19
AU770784 1984-10-19

Publications (1)

Publication Number Publication Date
EP0203066A1 true EP0203066A1 (de) 1986-12-03

Family

ID=25610157

Family Applications (1)

Application Number Title Priority Date Filing Date
EP19850900596 Withdrawn EP0203066A1 (de) 1984-02-03 1985-02-04 Steuerung der sicherheit und der verwendung

Country Status (2)

Country Link
EP (1) EP0203066A1 (de)
WO (1) WO1985003584A1 (de)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003025921A1 (en) 2001-09-20 2003-03-27 Koninklijke Philips Electronics N.V. Optical scanning device

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5050213A (en) * 1986-10-14 1991-09-17 Electronic Publishing Resources, Inc. Database usage metering and protection system and method
US4827508A (en) * 1986-10-14 1989-05-02 Personal Library Software, Inc. Database usage metering and protection system and method
US4796181A (en) * 1986-10-24 1989-01-03 Wiedemer John D Billing system for computer software
US5155680A (en) * 1986-10-24 1992-10-13 Signal Security Technologies Billing system for computing software
GB2205667B (en) * 1987-06-12 1991-11-06 Ncr Co Method of controlling the operation of security modules
CA2053261A1 (en) * 1989-04-28 1990-10-29 Gary D. Hornbuckle Method and apparatus for remotely controlling and monitoring the use of computer software
JPH04504794A (ja) * 1989-04-28 1992-08-20 ソフテル,インコーポレイテッド コンピュータソフトウェアの使用を遠隔制御及びモニタするための方法及び装置
CN1912885B (zh) 1995-02-13 2010-12-22 英特特拉斯特技术公司 用于安全交易管理和电子权利保护的系统和方法
US6157721A (en) 1996-08-12 2000-12-05 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
US5892900A (en) 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5822291A (en) * 1995-03-23 1998-10-13 Zoom Television, Inc. Mass storage element and drive unit therefor
US20010011253A1 (en) 1998-08-04 2001-08-02 Christopher D. Coley Automated system for management of licensed software
US6021391A (en) * 1998-03-03 2000-02-01 Winbond Electronics Corp. Method and system for dynamic data encryption

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3473159A (en) * 1966-07-07 1969-10-14 Gen Electric Data processing system including means for protecting predetermined areas of memory
US4234932A (en) * 1978-09-05 1980-11-18 Honeywell Information Systems Inc. Security system for remote cash dispensers
US4430728A (en) * 1981-12-29 1984-02-07 Marathon Oil Company Computer terminal security system
DE3320378A1 (de) * 1982-06-07 1983-12-15 Fortune Systems Corp Programmschutzvorrichtung fuer computerprogramme

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO8503584A1 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003025921A1 (en) 2001-09-20 2003-03-27 Koninklijke Philips Electronics N.V. Optical scanning device

Also Published As

Publication number Publication date
WO1985003584A1 (en) 1985-08-15

Similar Documents

Publication Publication Date Title
Mori et al. Superdistribution: the concept and the architecture
US5925127A (en) Method and system for monitoring the use of rented software
TW475103B (en) Public cryptographic control unit and system therefor
White ABYSS: ATrusted Architecture for Software Protection
EP1224516B1 (de) Gesicherte computerplattform zur einschränkung der nutzung von daten
EP1342149B1 (de) Verfahren zum schutz von informationen und der vertraulichkeit
US7461249B1 (en) Computer platforms and their methods of operation
US6101606A (en) System for securing protected software from unauthorized use in computer networks
US7457951B1 (en) Data integrity monitoring in trusted computing entity
US5388211A (en) Method and apparatus for remotely controlling and monitoring the use of computer software
White et al. ABYSS: An architecture for software protection
US5854891A (en) Smart card reader having multiple data enabling storage compartments
JP3656856B2 (ja) ソフトウエア入手方法と該方法を実施するためのデータ処理システム
CA2373542C (en) Systems and methods for secure transaction management and electronic rights protection
US7134016B1 (en) Software system with a biometric dongle function
EP0203066A1 (de) Steuerung der sicherheit und der verwendung
JPS63125030A (ja) 遠隔端末アクセス方法
WO1998007092A9 (en) Smart card reader having multiple data enabling storage compartments
WO2000073880A1 (en) Data event logging in computing platform
KR100443621B1 (ko) 개인용 컴퓨터 기반의 고유 아이디를 이용한 휴대용 정보단말기의 어플리케이션의 인증방법과 이를 이용한 시스템
JP2003507784A (ja) 記憶されたデータの使用に対する強制的な制限
US4654792A (en) Data processing system including data input authorization
JP2004086588A (ja) ソフトウェア不正使用防止システム
KR100423506B1 (ko) 아이씨칩내장카드를 이용한 온라인상에서의 소프트웨어불법복제방지방법
US6889298B2 (en) Battery-based secured storage binding system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH DE FR GB LI LU NL SE

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 19861007