EP1815308A1 - Verfahren zur verwaltung einer zeitlich begrenzten lizenz an einer auf einer netzwerkkomponente ausführbaren rechnerapplikation - Google Patents
Verfahren zur verwaltung einer zeitlich begrenzten lizenz an einer auf einer netzwerkkomponente ausführbaren rechnerapplikationInfo
- Publication number
- EP1815308A1 EP1815308A1 EP05800611A EP05800611A EP1815308A1 EP 1815308 A1 EP1815308 A1 EP 1815308A1 EP 05800611 A EP05800611 A EP 05800611A EP 05800611 A EP05800611 A EP 05800611A EP 1815308 A1 EP1815308 A1 EP 1815308A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- license
- reference date
- computer application
- time
- network component
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
- 238000004883 computer application Methods 0.000 title claims abstract description 29
- 238000000034 method Methods 0.000 title claims abstract description 23
- 230000006978 adaptation Effects 0.000 claims 1
- 238000013475 authorization Methods 0.000 description 3
- 206010035148 Plague Diseases 0.000 description 1
- 241000607479 Yersinia pestis Species 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 230000002123 temporal effect Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
Definitions
- the present invention relates to a method for managing a temporary license to a computer application executable on a network component.
- Modern data processing networks such as e.g. Telecommunications networks usually have very complex network components. These network components have a wide variety of tasks and must therefore be very universally configurable, for example, to be used in telecommunications with different time-slot-oriented and packet-oriented transmission methods. In addition, it is also necessary to adapt certain network components to the different usage contracts that a subscriber can conclude with a network operator.
- networks are also primarily used to ensure software applications that specific administratively activatable functionalities can be provided and used with certain network components.
- the present invention is therefore based on the object of specifying a method for managing a time-limited license on a computer component executable on a network component, which ensures that a computer application after the expiration of the license period is no longer available for further unauthorized use ,
- a method for managing a time-limited license on a computer application executable on a network component in which: a) a license data record is created which comprises at least the information about the computer application to be licensed, a license period and a signing time; b) the license record is read by a license server and based on the information about the signing time
- Reference date for this computer application is determined; c) the reference date is compared with a system time defined for the network component for determining a binding current time base for the license server; (d) it is determined by comparison whether the
- Computer application is executed on the basis of the current time base and / or due to the granted license period, wherein e) the reference date on the license server is continuously updated and stored.
- the method according to the invention allows the license server to be used on the network component itself can be executed, based on the determination of the reference date and on the basis of its ongoing updating, to establish a timeframe independent of the system time against which the promised license period can be evaluated.
- the license data set may further comprise a digital signature with which it can be ensured that only the owner of the signature key is also able to store the data of the license key
- the license record is read by the license server cyclically or due to an event trigger.
- the cyclical evaluation of the license data record can therefore have the advantage that, for example, an update or an extension of the license duration can be performed automatically by the license server without additional measures.
- the signing time can only be used after successful signature verification to determine the reference datum.
- the determination and updating of the reference datum is of particular importance for the course of the method according to the invention, because this reference datum is the central information for determining the current time base against which the other time data are evaluated.
- the license server can use the system time as the current time base if the comparison of the system time with the previously determined reference date comes to the conclusion that the system time is less than or equal to the reference date. In this way, it is ensured that the time base of the license server, taking into account the above condition on the so-called recent time base.
- the procedure be reversed ie the reference date is used to determine whether the license period has not expired without adjustment to the system time as the current time base of the license server, if the comparison of the system time with the previously determined reference date The result is that the system time is older than the previously specified reference date. In this way, it is safely ruled out that a use of the computer application can be made, for example, if the system time was frozen or even reset, because the system time may still be within the license period, even then updated reference date but already after the end the guaranteed license period.
- the network component for updating the reference date may assign a counter whose count is added to the reference date continuously or discontinuously. For the same reason mentioned above, it is then also advantageous to store the updated reference data on the network component in a protected mode so that an abusive manipulation can also be better excluded here.
- Figure 1 is a schematic representation of a
- Figure 2 is a schematic representation of the process for updating the reference date based on two
- Figure 3 is a schematic representation of a typical structure of a license record
- Figure 4- an example of a license record.
- FIG 1 shows a schematic representation of a network element NE, which is arranged in a communication network not shown here, and a user-side FTP server FtpS.
- a licensor sends a user a license record LF (for example by email), which the user can save on his FTP server FtpS.
- This license data set LF includes i.a. a binding Sign istsZeittician - hereinafter called Creation Date CD.
- This creation date CD can specify the signing time of the license record LF.
- Figures 3 and 4 give below in detail information.
- a license server LS and data record server FS as well as a timer T and a system clock SC are included on the network element NE.
- the license server LS maintains a reference date RD and a second internal time base C2 for determining a current time base AZ.
- the license server LS also has the task of managing the licenses granted in the license data record LF and the reference date RD and of controlling the registered computer applications accordingly.
- the record server FS provides the file management for the license record LF with the creation date CD and the Reference date RD ready with the second internal time base C2.
- Figure 2 shows schematically the procedure for checking and updating the reference date RD, which for the plague position, whether the user is still entitled to use a particular computer application, has central importance.
- the license server LS reads for this purpose the license record LF and first checks the signature of the license record LF. After finding the positive
- Reference date RD the reference date RD is left unchanged for the license server LS and the count of the second internal time base C2 is added to this reference date RD.
- the part b) of Figure 2 shows exactly the other case where the Creation Date CD is younger than the reference date RD.
- An arrow P is hereby intended to represent the method step, which consists in equating the reference date RD with the creation date CD and setting the count of the second internal time base C2 to zero.
- the current time base AZ for the license server LS then results from the comparison of the system time SC with the reference date RD. Therefore, an update of the reference date RD does not necessarily have to change the current time base AZ.
- the count value of the second internal time base C2 is now continuously added to the reference date due to the reading of the license data record LF and due to an authorized use. If, for example, the count has reached the number of 86400 seconds (24h * 60min * 60sec), that will be
- Reference date RD increased by one day and count reduced by 86400.
- the reference date RD and the value of the second internal time base C2 can be stored cyclically in the data set server FS, wherein the storage interval can be defined at discretion. The separation takes place on the network element NE with a limited read / write access.
- the next important comparison for the determination of the authorization is the comparison of the so initially fixed and continuously updated reference date RD with the system time according to the system clock SC.
- This system clock SC can indeed be specified by the operator of the network element NE, which is why the license server LS compares the system time with the reference data RD.
- the reference date RD acts on the license server LS as a limit for the time of the system clock SC, hereinafter referred to as system time SC. If the system time SC is later than or equal to the reference date RD, the system time SC is used as the current time base AZ for the license server LS, i. the license server LS uses this time base for the further check for a possible expiration of the license duration. If the system time SC is older than the reference date, the reference date RD remains relevant for the current time base AZ of the license server LS and thus for the further authorization check.
- This license record LF contains an indication of all licenses and is protected by a signature.
- This license record LF is created for a particular network element NE or for a particular network with a number of network elements NE and in the present case also contains a MAC address or a MAC address list in order to identify the hardware used.
- the license record LF comprises the general information such as the unique identifier of the license record (File id), the customer name, the name of the product (Product name), Information about the signature (Signatare info) and the so important Creation Date CD (Creation date), which corresponds to the date of signing of the license data set LF.
- File id the unique identifier of the license record
- Product name the name of the product
- Signatare info Information about the signature
- Creation Date CD Creation date
- entries in the MAC address list contain the network components listed there.
- the next data block is devoted to the actual license.
- feature info indicates the name / designation of the licensed software
- feature id is a unique ID code for the licensed computer application.
- An entry under the “Locking mode” controls the behavior of the license server LS after the expiry of a temporary license, such as the generation of alarms, the locking of the computer application or their deinstallation "are self-explanatory and define the period of validity of the license, ie the license period LP, so that a time-limited licensed computer application can only be executed if the current time base AZ is in the license period LP defined by the fields" Start "and” End ".
- a software tendered license data record LF is exemplified in FIG.
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102004055759A DE102004055759B4 (de) | 2004-11-18 | 2004-11-18 | Verfahren zur Verwaltung einer zeitlich begrenzten Lizenz an einer auf einer Netzwerkkomponente ausführbaren Rechnerapplikation |
PCT/EP2005/011503 WO2006053631A1 (de) | 2004-11-18 | 2005-10-27 | Verfahren zur verwaltung einer zeitlich begrenzten lizenz an einer auf einer netzwerkkomponente ausführbaren rechnerapplikation |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1815308A1 true EP1815308A1 (de) | 2007-08-08 |
Family
ID=35679359
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP05800611A Ceased EP1815308A1 (de) | 2004-11-18 | 2005-10-27 | Verfahren zur verwaltung einer zeitlich begrenzten lizenz an einer auf einer netzwerkkomponente ausführbaren rechnerapplikation |
Country Status (5)
Country | Link |
---|---|
US (1) | US7890429B2 (zh) |
EP (1) | EP1815308A1 (zh) |
CN (1) | CN101061451B (zh) |
DE (1) | DE102004055759B4 (zh) |
WO (1) | WO2006053631A1 (zh) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101146315B (zh) * | 2006-08-03 | 2010-06-02 | 华为技术有限公司 | 许可证文件管理方法、服务器及系统 |
US8745060B2 (en) | 2007-07-25 | 2014-06-03 | Yahoo! Inc. | Indexing and searching content behind links presented in a communication |
CN102083194B (zh) * | 2009-11-30 | 2014-12-03 | 电信科学技术研究院 | 时间信息发送与时间同步方法、系统和设备 |
US9760866B2 (en) * | 2009-12-15 | 2017-09-12 | Yahoo Holdings, Inc. | Systems and methods to provide server side profile information |
US8924956B2 (en) * | 2010-02-03 | 2014-12-30 | Yahoo! Inc. | Systems and methods to identify users using an automated learning process |
US8423545B2 (en) | 2010-02-03 | 2013-04-16 | Xobni Corporation | Providing user input suggestions for conflicting data using rank determinations |
US9084031B2 (en) | 2010-12-13 | 2015-07-14 | Microsoft Technology Licensing, Llc | Content license storage |
CN102184362B (zh) * | 2011-05-19 | 2014-11-26 | 中国石油集团川庆钻探工程有限公司 | 固定许可证和浮动许可证融合校验授权方法 |
US9747583B2 (en) | 2011-06-30 | 2017-08-29 | Yahoo Holdings, Inc. | Presenting entity profile information to a user of a computing device |
CN102387146A (zh) * | 2011-10-21 | 2012-03-21 | 张国 | 一种浮点型许可证的增效方法及系统 |
US10192200B2 (en) | 2012-12-04 | 2019-01-29 | Oath Inc. | Classifying a portion of user contact data into local contacts |
US20150095237A1 (en) * | 2013-09-30 | 2015-04-02 | Infinera Corp. | License Management System |
CN104751025B (zh) * | 2013-12-30 | 2018-08-24 | 新华三技术有限公司 | 一种授权许可License的控制方法和装置 |
US10135737B2 (en) * | 2014-09-30 | 2018-11-20 | Nicira, Inc. | Distributed load balancing systems |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US19814A (en) * | 1858-03-30 | Hand-exerciser for musicians | ||
US5014234A (en) * | 1986-08-25 | 1991-05-07 | Ncr Corporation | System with software usage timer and counter for allowing limited use but preventing continued unauthorized use of protected software |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4924378A (en) * | 1988-06-13 | 1990-05-08 | Prime Computer, Inc. | License mangagement system and license storage key |
US5260999A (en) * | 1991-06-28 | 1993-11-09 | Digital Equipment Corporation | Filters in license management system |
JPH09501546A (ja) * | 1993-05-07 | 1997-02-10 | エロネックス・テクノロジーズ・インコーポレーテッド | コンピュータ電話インターフェイス |
GB9405753D0 (en) * | 1994-03-23 | 1994-05-11 | Gms Recordings Limited | Interactive compact disk system |
US5708709A (en) * | 1995-12-08 | 1998-01-13 | Sun Microsystems, Inc. | System and method for managing try-and-buy usage of application programs |
US5790664A (en) * | 1996-02-26 | 1998-08-04 | Network Engineering Software, Inc. | Automated system for management of licensed software |
US5925127A (en) * | 1997-04-09 | 1999-07-20 | Microsoft Corporation | Method and system for monitoring the use of rented software |
US20020019814A1 (en) * | 2001-03-01 | 2002-02-14 | Krishnamurthy Ganesan | Specifying rights in a digital rights license according to events |
JP4169942B2 (ja) * | 2001-02-27 | 2008-10-22 | インターナショナル・ビジネス・マシーンズ・コーポレーション | コンテンツ利用方法、コンテンツ配信方法、コンテンツ配信システムおよびプログラム |
US7134144B2 (en) * | 2001-03-01 | 2006-11-07 | Microsoft Corporation | Detecting and responding to a clock rollback in a digital rights management system on a computing device |
JP2004206435A (ja) * | 2002-12-25 | 2004-07-22 | Victor Co Of Japan Ltd | ライセンス管理方法、およびライセンス管理システム |
US7170390B2 (en) * | 2003-02-18 | 2007-01-30 | Topp Group, Inc. | Method and apparatus for conditioning access for a remotely-accessible device |
JP2005018378A (ja) * | 2003-06-25 | 2005-01-20 | Sony Corp | 情報サーバ、情報機器、情報処理システム、情報処理方法および情報処理プログラム |
US20050027657A1 (en) * | 2003-08-01 | 2005-02-03 | Yuri Leontiev | Distinguishing legitimate hardware upgrades from unauthorized installations of software on additional computers |
-
2004
- 2004-11-18 DE DE102004055759A patent/DE102004055759B4/de not_active Expired - Fee Related
-
2005
- 2005-10-27 CN CN200580039680.7A patent/CN101061451B/zh not_active Expired - Fee Related
- 2005-10-27 WO PCT/EP2005/011503 patent/WO2006053631A1/de active Application Filing
- 2005-10-27 US US11/667,426 patent/US7890429B2/en not_active Expired - Fee Related
- 2005-10-27 EP EP05800611A patent/EP1815308A1/de not_active Ceased
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US19814A (en) * | 1858-03-30 | Hand-exerciser for musicians | ||
US5014234A (en) * | 1986-08-25 | 1991-05-07 | Ncr Corporation | System with software usage timer and counter for allowing limited use but preventing continued unauthorized use of protected software |
Also Published As
Publication number | Publication date |
---|---|
US7890429B2 (en) | 2011-02-15 |
DE102004055759B4 (de) | 2006-11-09 |
CN101061451B (zh) | 2011-02-02 |
DE102004055759A1 (de) | 2006-05-24 |
WO2006053631A1 (de) | 2006-05-26 |
US20080010460A1 (en) | 2008-01-10 |
CN101061451A (zh) | 2007-10-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2006053631A1 (de) | Verfahren zur verwaltung einer zeitlich begrenzten lizenz an einer auf einer netzwerkkomponente ausführbaren rechnerapplikation | |
DE112010003971B4 (de) | Vorübergehende Bereitstellung höherer Vorrechte für ein Rechensystem für eine Benutzerkennung | |
DE10211606B4 (de) | Datenverarbeitungseinrichtung mit einem Metadatensicherungsmanagement | |
DE60220418T2 (de) | Verfahren und Anbieter zur Systemsynchronisation | |
EP2171632B1 (de) | Verfahren und vorrichtung zum überprüfen der integrität von in einem vorbestimmten speicherbereich eines speichers gespeicherten daten | |
AT405466B (de) | Vorrichtung zum schutz eines elektronischen geräts | |
DE112019006673T5 (de) | Schutz vor datenverlust | |
EP4154139B1 (de) | Erweiterte integritätsüberwachung eines containerabbildes | |
DE112019005317T5 (de) | Objektspeicher für garantierte inhalte zur sicherung und aufbewahrung | |
EP2394232B1 (de) | Vorrichtung und verfahren zum verhindern von unautorisierter verwendung und/oder manipulation von software | |
DE112019006886T5 (de) | Systementwicklungsunterstützungsvorrichtung, Verfahren, Programm und Aufzeichnungsmedium | |
EP1241570A2 (de) | Automatisierte Versions-Analyse von zu einer Softwareapplikation gehörenden Softwarekomponenten | |
EP1529257B1 (de) | Übernehmen eines datensatzes in eine recheneinheit | |
EP1563358A2 (de) | Verfahren zur sicheren überprüfung eines speicherbereiches eines mikrocontrollers in einem steuergerät und steuergerät mit einem geschützten mikrocontroller | |
DE102010016257A1 (de) | Generisches Firmware-Fileformat | |
WO2005064432A2 (de) | Verfahren zum wiederherstellen eines berechtigungscodes | |
EP3430508A1 (de) | Elektrogerät, insbesondere wechselrichter oder umrichter, und verfahren zum betreiben eines elektrogeräts | |
EP1643336A1 (de) | Eindeutige Produktidentifikation | |
DE102012111181A1 (de) | Speichersystem, insbesondere Cloud Storage System, und Computerprogrammprodukt | |
WO2016096147A1 (de) | Verfahren zum verwalten einer anzahl von subskriptionen eines mobilfunknetzbetreibers auf einem sicherheitselement | |
DE102022128636A1 (de) | Verfahren und System zum Verwalten eines Zugriffs auf digitale Mediendateien | |
EP2629216A2 (de) | Verfahren und Anordnung zur Verwaltung von Daten sowie ein entsprechendes Computerprogramm und ein entsprechendes computerlesbares Speichermedium | |
DE102020208331A1 (de) | Verfahren zum Betreiben eines Hardware-Sicherheits-Moduls | |
DE10323033A1 (de) | Laden eines ausführbaren Programms in einen tragbaren Datenträger | |
EP3680788A1 (de) | Modellierung von betriebsmitteln |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20070620 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: NOKIA SIEMENS NETWORKS GMBH & CO. KG |
|
RAP3 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: NOKIA SIEMENS NETWORKS S.P.A. |
|
RAP3 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: NOKIA SIEMENS NETWORKS GMBH & CO. KG |
|
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20080811 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20100210 |