JP2005321850A - License authentication system, method, and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a license authentication system, a license authentication method, and a license authentication program capable of continuing license authentication even after hardware is changed. <P>SOLUTION: This license authentication system is provided with an authentication data management part managing authentication data constructed by a combination of an authentication license key and an authentication key, a license authentication server having a key generation means generating a new key and registering it when authentication data transferred from an information processing terminal matches those stored in the authentication data management part and a key transmission means transmitting the generated new key to the information processing terminal, an authentication data storage part storing initial authentication data, and an information processing terminal having an authentication request means transmitting the stored authentication data to the license authentication server by a request for license authentication and an execution allowing means allowing execution of the software on receipt of the new key for the authentication request and updating and storing the new key. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a license authentication system, a license authentication method, and a license authentication program for performing a license authentication process with a license authentication server when software requiring license authentication is installed in an information processing terminal.

As a conventional license authentication method, for example, when a software sales server downloads and sells software to a client terminal, device information unique to the client terminal, a user ID, and information including software information of the sold software are acquired. When the sales software is started for the first time on the client terminal, the device information, user ID, software name, and version of the started client terminal are transmitted to the software sales server. If the information is verified and the verification is successful, the license key for starting the sales software is transmitted to the computer, and the client terminal that receives the license key stores the received license key and its own device information in the local disk. Next, the software on the client terminal There is known a software providing system that allows execution of software when the device information is matched with the device information stored in the local disk when booting the software (for example, the software execution system is permitted). , See Patent Document 1).
JP 2004-0246708 A (page 9 to page 12, FIGS. 1, 8, and 9)

  However, in the conventional example described in Patent Document 1, when software is downloaded from a software sales server, device information, user ID, and software information specific to the client terminal are acquired by the software sales server. When the software is started for the first time on the client terminal, the device information, the user ID, and the software information are transmitted to the software sales server so that the received information matches the information stored in advance in the software sales server. Since the key is sent to the client terminal, if the software is installed on a client terminal other than the downloaded client terminal, the license key cannot be acquired, the software cannot be started, and the license key is acquired. Do you If the software is copied to another client terminal, the software cannot be started because the device information stored in the local disk is different from the device information stored on the local disk when the license key is received. Although the use can be surely prevented, there is an unsolved problem that even if the hardware for installing the corresponding software is replaced, even a legitimate user cannot start the software.

  Accordingly, the present invention has been made paying attention to the unsolved problems of the above-described conventional example, and a license authentication system, a license authentication method, and a license authentication program capable of continuing license authentication even when hardware is changed. The purpose is to provide.

  To achieve the above object, a license authentication system according to claim 1 includes a license authentication server that performs license authentication, and software that requires license authentication connected to the license authentication server via a network. In the license authentication system including an installed information processing terminal, the license authentication server transmits an authentication data management unit that manages authentication data that is a combination of a license key and an authentication key of the software, and is transmitted from the information processing terminal The authentication data stored in the authentication data management unit is compared, and when the two match, a new key is generated for either the license key or the authentication key, and the generated new key Key generation means for registering the authentication data in the authentication data management unit, A key transmission means for transmitting a new key generated by the generation means to the information processing terminal, the information processing apparatus comprising: an authentication data storage unit for storing initial authentication data when the software is installed; Authentication request means for transmitting the authentication data stored in the authentication data storage unit to the license authentication server when a license authentication request is made at startup, and a new key is received for the authentication request requested by the authentication request means An execution permission unit is provided, which sometimes permits execution of the software and updates a key corresponding to a new key stored in the authentication data storage unit.

  According to a second aspect of the present invention, there is provided the license authentication system according to the first aspect, wherein the authentication data management unit of the license authentication server includes the authentication data transmitted from the information processing terminal and the managed authentication data. Comparing and generating a new license key when the number of mismatches counted by the mismatch count counting means exceeds a predetermined number when the two do not match, A license key update unit that updates and stores the combination of the license key and the authentication key in the authentication data management unit, and a license generated for a regular license key registrant when the license key is updated by the license key update unit And a license key update notification means for notifying the key.

  Further, the license authentication system according to claim 3 is the invention according to claim 1 or 2, wherein the key generation means includes authentication data transmitted from the information processing terminal and authentication stored in the authentication data management unit. When the data matches, it is configured to generate a new authentication key that does not exist in the authentication data management unit.

  Furthermore, the license authentication system according to claim 4 is the invention according to claim 1 or 2, wherein the key generation means is stored in the authentication data transmitted from the information processing terminal and the authentication data management unit. A feature is that a new license key that does not exist in the authentication data management unit is generated when the authentication data matches.

  Still further, the license authentication system according to claim 5 is the invention according to claim 1 or 2, wherein the key generation unit is stored in the authentication data transmitted from the information processing terminal and the authentication data management unit. The authentication data is configured to generate a new authentication key and license key that do not exist in the authentication data management unit when the authentication data matches.

  According to a sixth aspect of the present invention, there is provided the license authentication system according to any one of the first to fifth aspects, wherein the information processing terminal determines whether a communication result with the license authentication server is normal when the software is activated. Communication result determining means for determining whether the communication result determining means continues the activation of the software when the communication result is normal, and activates the software when the communication result is abnormal It is characterized by having a start control means for stopping.

  Furthermore, the license authentication system according to claim 7 is the invention according to claim 6, wherein the communication result determination means detects a state where communication with the license authentication server is impossible, and the communication result is abnormal. It is characterized by being comprised so that it may determine.

  Further, the license authentication system according to claim 8 is the license authentication system according to claim 6, wherein the communication result determination means cannot receive a new key in response to the authentication request requested by the authentication request means. Is characterized in that it is determined to be abnormal.

  Still further, the license authentication system according to claim 9 is the invention according to claim 6, wherein the communication result determining means detects the state in which communication with the license authentication server is impossible and the authentication request means. It is characterized in that the communication result is determined to be abnormal when a new key cannot be received in response to the requested authentication request.

  According to a tenth aspect of the present invention, there is provided a license authentication method in which a license authentication server that performs license authentication performs license authentication from an information processing terminal in which software that requires license authentication is installed via a network. In the authentication method, the license authentication server has an authentication data management unit that manages authentication data including a combination of a license key and an authentication key of the software, and is received when the authentication data is received from the information processing terminal. When the authentication data and the authentication data stored in the authentication data management unit are compared and the two match, a new key is generated for either the license key or the authentication key, and the generated new key is A step of registering in the authentication data management unit; and the key generation means Transmitting the generated new key to the information processing terminal, and the information processing apparatus includes an authentication data storage unit that stores initial authentication data when the software is installed. Transmitting authentication data stored in an authentication data storage unit to the license authentication server to make a license authentication request, and permitting execution of the software when a new key is received for the requested authentication request And a step of updating a key corresponding to the new key stored in the authentication data storage unit.

  Further, the license authentication program according to claim 11 sends a request for a license authentication by sending authentication data consisting of a combination of a license key and an authentication key stored at the time of software installation to the license authentication server at the time of startup. The activation is continued when a new key of at least one of the license key and the authentication key generated by the license authentication server is received in response to the authentication request, and the key corresponding to the received new key is updated and stored. The step is executed by a computer of an information processing apparatus capable of communicating with a license authentication server.

  According to the invention according to claim 1 or 10, when software that requires online license authentication is installed in the information processing terminal, initial authentication data including a license key and an authentication key is stored in the authentication data storage unit. When the software installed on the information processing terminal is activated, the authentication data composed of the license key and the authentication key stored in the authentication data storage unit is transmitted to the license authentication server and stored in the authentication data management unit. When the two match, the authentication key generates a new key for either the license key or the authentication key, and uses the generated new key and the other key as new authentication data. New authentication data is updated and stored in the authentication data storage unit, and the software is executed. Yes, it is not necessary to use the MAC address of the computer or its peripheral devices, so even if the hardware is replaced on the information processing terminal side, the license authentication setting must be set again unless the authentication data storage unit is changed. It is not necessary to do this, and when the software corresponding to a plurality of information processing terminals is installed on the information processing terminal side and the corresponding software is started on each information processing terminal, it is newly created by the license authentication server The authentication data including the key will be different for each information processing terminal, the authentication data will not match on the license authentication server, the execution of the software will be stopped, and if the software is illegally copied by a third party as well, Similarly, the execution of software can be stopped to ensure that unauthorized use of the software is prevented. The effect is obtained that that.

  According to the invention of claim 2, due to the presence of an unauthorized user, etc., the authentication data transmitted from the information processing terminal to the license authentication server does not match when the authentication data is collated with the authentication data stored in the authentication data management unit When the number of mismatches exceeds a predetermined number, a new license key is generated, and this is notified to the authorized license key registrant. Therefore, the authorized license key registrant is stored in his authentication data storage unit. By changing the stored license key to a new key, only the authorized license key registrant can authenticate with the new license key, and the unauthorized use of the software can be reliably prevented. The effect is obtained.

  According to the invention of claim 3, when the license authentication server matches the authentication data transmitted from the information processing terminal and the authentication data stored in the authentication data management unit, a new authentication key is obtained. Because it is generated, there is no need to consider conflicts with other license keys as compared to when generating a new license key, so it is possible to generate an arbitrary authentication key by randomly generating an authentication key. Can be easily obtained.

  Furthermore, according to the invention of claim 4, when the license authentication server matches the authentication data transmitted from the information processing terminal and the authentication data stored in the authentication data management unit, a new license key is created. Therefore, there is an effect that only the license key can be verified without the same license key.

  Still further, according to the invention of claim 5, when the license authentication server matches the authentication data transmitted from the information processing terminal and the authentication data stored in the authentication data management unit, a new license key is generated. Since the authentication key is generated, it is very difficult for an unauthorized user to match the authentication data.

  According to the invention of claim 6, since the information processing terminal stops the activation of the software when the communication with the license authentication server is abnormal, the use of the software offline is surely prevented. The effect that it can be obtained.

  Further, according to the invention of claim 7, since it is determined that the communication result is abnormal when a state in which communication with the license authentication server is impossible is detected, it is possible to reliably prevent offline use of software. The effect that it can be obtained.

  Furthermore, the invention according to claim 8 is configured to determine that the communication result is abnormal when a new key cannot be received in response to the authentication request requested by the authentication request unit. When the user makes an authentication request and the authentication data does not match, the use of the software can be surely prevented.

  Still further, according to the ninth aspect of the present invention, either when a state in which communication with the license authentication server is impossible is detected or when a new key cannot be received in response to the authentication request requested by the authentication request unit. If the communication result is abnormal, the software is used when communication with the license authentication server is not possible and when a new key cannot be received even if communication with the license authentication server is possible. The effect that it can prevent reliably is acquired.

  According to the eleventh aspect of the invention, the step of requesting a license authentication by transmitting authentication data comprising a combination of a license key and an authentication key stored at the time of software installation at the time of activation to the license authentication server is requested. The activation is continued when a new key of at least one of the license key and the authentication key generated by the license authentication server is received in response to the authentication request, and the key corresponding to the received new key is updated and stored. And a license authentication program that is executed by a computer of an information processing apparatus capable of communicating with the license authentication server. By installing the license authentication program in the information processing terminal together with software, the information processing terminal side Authentication processing in Effect that can be performed.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 is a system configuration diagram showing an embodiment of the present invention. In FIG. 1, reference numeral 1 denotes a license authentication server. A number of information processing terminals 2 are connected to the license authentication server 1 via a network 3 such as the Internet. It is connected.

  The license authentication server 1 executes software license authentication, processing for authenticating whether or not the user is an authorized user who is a target of a predetermined service, and the like. As shown in FIG. 2, the license authentication server 1 includes an operation system OS that executes basic operations of the license authentication server 1, a server-side authentication system AS, and authentication data including a license key and an authentication key for each software. And an authentication database DB that constitutes an authentication data management unit for managing the server, and the server-side authentication system AS performs verification of the license key and authentication key provided for each authentication target, and also verifies the license key and authentication key. A license authentication program for generating a new authentication key when they match is provided.

  This authentication program executes the license authentication process shown in FIG. In the license authentication process, first, in step S1, it is determined whether or not there is a connection request from the information processing terminal 2. If there is no connection request, the process waits until there is a connection request, and if there is a connection request, the process proceeds to step S2. It is determined whether or not the license key and the authentication key have been received. If the license key and the authentication key have not been received, the process proceeds to step S3 to determine whether or not a predetermined time has elapsed since the connection request. When the predetermined time has not elapsed, the process returns to step S1, and when the predetermined time has elapsed, the process proceeds to step S4 to disconnect the connection with the information processing terminal 2 and then returns to step S1.

  On the other hand, if the determination result in step S2 is that the license key and the authentication key are received, the process proceeds to step S5, where it is determined whether or not the received license key is registered in the authentication database DB, and the received license is received. When the key is registered in the authentication database DB, the process proceeds to step S6, where the authentication data that is a combination of the license key and the authentication key registered in the authentication database DB and the authentication that is the combination of the received license key and the authentication key The data is collated, and it is determined whether or not they match.

  If the received authentication data matches the authentication data registered in the authentication database DB, the process proceeds to step S7 to generate a new authentication key not registered in the authentication database DB, and then step S8. The process proceeds to step S9, after the generated new authentication key is transmitted to the corresponding information processing terminal 2, and the process proceeds to step S9.

  In this step S9, it is determined whether or not an update completion notification indicating that a new authentication key update has been completed has been received from the information processing terminal 2 as the transmission destination. If no update completion notification has been received, the process proceeds to step S10. It is determined whether or not a predetermined time has elapsed since the transmission of a new authentication key. If the predetermined time has not elapsed, the process returns to step S9. If the predetermined time has elapsed, the process proceeds to step S4. To do.

  If the determination result in step S9 is that an update completion notification has been received from the information processing terminal 2 as the transmission destination, the process proceeds to step S11, and the generated new authentication key is assigned to the license key corresponding to the authentication database DB. Next, the process proceeds to step S12, a server-side update completion notification is transmitted to the corresponding information processing terminal 2, and then the process proceeds to step S13 to perform a connection disconnection process from the information processing terminal 2. If the disconnection process is performed, the process returns to step S1. If the disconnection process from the information processing terminal 2 is not performed, the process proceeds to step S4.

  If the determination result in step S6 indicates that the authentication data composed of the license key and the authentication key does not match, the process proceeds to step S14, and the inconsistency count N is incremented by “1” and then the process proceeds to step S15. It is determined whether or not the number N of inconsistencies exceeds a preset set value Ns. If N ≦ Ns, it is determined that it is within the allowable range, and the process proceeds to step S7, where N> Ns. If it is determined that the allowable range has been exceeded, the process proceeds to step S16, where a new license key that does not exist in the authentication database DB is generated and registered in the authentication database DB, and the old license key is invalidated. The process proceeds to step S17.

  In this step S17, the user's e-mail address registered in correspondence with the invalidated old license key stored in the authentication database DB is read, and a change e-mail in which the new license key is described in the corresponding e-mail address is sent. Then, the process proceeds to step S18, the authentication failure information is transmitted to the corresponding information processing terminal 2, and then the process proceeds to step S13.

  Furthermore, when the license key received as a result of the determination in step S5 is not registered in the authentication database DB, the process proceeds to step S18.

  In the processing of FIG. 3, the processing of steps S1 to S7 corresponds to the key generation means, the processing of step S8 corresponds to the key transmission means, the processing of step S14 corresponds to the mismatch number counting means, and steps S15 and S16 This process corresponds to the license key update means, and the process of step S17 corresponds to the license key update notification means.

  Further, as shown in FIG. 4, the authentication database DB stores a management table TB that stores a license key, an authentication key, the number N of inconsistencies occurring, and a user mail address in association with each other.

  Each information processing terminal 2 is installed or installable with software for performing license authentication by the license authentication server 1, and has the configuration shown in FIG. That is, a central processing unit (CPU) 21, a ROM 22 that stores programs, data, parameters, and the like for executing arithmetic processing in the central processing unit 21, and data and arithmetic results required in the arithmetic processing process in the central processing unit 21 An arithmetic processing unit 24 having a RAM 23 for storing, a communication control unit 26 connected to the network 3 connected to the central processing unit 21 via a system bus 25, an operation system, application software constituting a software, a communication program, etc. For example, an external storage device 27 composed of a hard disk, a display control unit 29 for controlling a display device 28 such as a liquid crystal display, an input device 30 such as a keyboard and a mouse, and the like.

  Here, in the external storage device 27, a software storage unit 27a that stores software such as the above-described operation system and application software, and an authentication data storage unit that stores authentication data including a license key and an authentication key of the application software 27b.

  Further, when application software that requires online authentication is installed in the software storage unit 27a for the above-described license authentication server 1, an authentication registration process is performed at the time of installation, and a license key accompanying the application software and a user email By transmitting the address to the license authentication server 1, the license authentication server 1 generates an authentication key, and the generated authentication key and the user's email address are stored in a column corresponding to the license key in the management table TB. When the generated authentication key is transmitted to the corresponding information processing terminal 2 and the authentication key generated by the information processing terminal 2 is received, the license key and the authentication key are stored in the authentication data storage unit 27b.

  When the corresponding application software is started after the authentication registration process is completed, the online authentication process shown in FIG. 6 is executed.

  In this online authentication process, first, in step S31, a connection process for connecting to the license authentication server 1 is performed, and then the process proceeds to step S32 to determine whether or not the connection is successful. Moving to S33, when communication with the license authentication server 1 is disabled, it is determined whether or not application software activation is permitted. If application software activation is permitted, step S45 described later is performed. When the activation of the application software is not permitted, the process proceeds to step S34, the connection with the license authentication server 1 is disconnected, and then the process proceeds to step S35 to complete the activation of the application software and online Display device 28 displays a message indicating that authentication failed. To end an online authentication process from running the Authentication failure processing to be displayed.

  If the determination result in step S32 is that the connection with the license authentication server 1 is successful, the process proceeds to step S36, and the license key and the authentication key stored in the authentication data storage unit 27b are read, Next, the process proceeds to step S37, the read license key and authentication key are transmitted to the license authentication server 1, and then the process proceeds to step S38.

  In this step S38, it is determined whether or not a new authentication key has been received from the license authentication server 1, and if a new authentication key has not been received, the process proceeds to step S39 to determine whether or not a predetermined time has elapsed. When the predetermined time has not elapsed, the process returns to step S38, and when the predetermined time has elapsed, the process proceeds to step S34.

  If the determination result in step S38 is that a new authentication key is received from the license authentication server 1, the process proceeds to step S40, and the received new authentication key is updated and stored in the authentication data storage unit 27b. Next, the process proceeds to step S41, an update completion notification is transmitted to the license authentication server 1, and then the process proceeds to step S42 to determine whether an update completion notification is received from the license authentication server 1, and the update is completed. When the notification is received, the process proceeds to step S45. When the update completion notification is not received, the process proceeds to step S43, and it is determined whether a predetermined time has elapsed after the update completion notification is transmitted. When the time has not elapsed, the process returns to step S42. When the predetermined time has elapsed, the process proceeds to step S44, and the update completion notification is made. It determines whether or not allow the activation of the application software when not receiving, if not allowed to start, the process proceeds to step S34, if you allow activation proceeds to step S45.

  In step S45, it is determined that the online authentication has been normally completed, and the connection with the license authentication server 1 is disconnected. Then, the process proceeds to step S46, where the application software activation process is performed and the online authentication process is terminated. .

  In the process of FIG. 6, the processes of steps S31, S32, S36 and S37 correspond to the authentication request means, and the processes of steps S38, S40 to S43, S45 and S46 correspond to the execution permission means.

  Next, the operation of the above embodiment will be described.

  The management table TB in the authentication database DB of the license authentication server 1 issues a unique license key in which, for example, a predetermined number of alphanumeric characters are arranged in accordance with a predetermined algorithm every time application software is manufactured. Are sequentially stored in the management table TB.

  In this state, the user who purchased the application software installs the application software in the information processing terminal 2, and performs license authentication registration processing within a predetermined day from the time of installation or from the time of installation. When the user's e-mail address is transmitted to the license authentication server 1, it is determined whether or not the corresponding license key is registered in the management table TB of the authentication database DB. In addition, the e-mail address is registered in the column corresponding to the corresponding license key in the management table TB, a new authentication key that is not registered in the authentication database DB is generated, and this is transmitted to the corresponding information processing terminal 2. New in information processing terminal 2 Upon receiving a Do authentication key, which is stored with the license key in the authentication data storage unit 27b.

  When the license authentication registration process is completed, the user can use the application software properly. When this application software is activated on the information processing terminal 2, the online authentication process of FIG. 6 is executed.

  For this reason, as shown in FIG. 7, when communication is started from the information processing terminal 2 to the license authentication server 1 via the port 80 and the connection is established, the information is stored in the authentication data storage unit 27b from the information processing terminal 2. The license key and the authentication key being sent are transmitted to the license authentication server 1.

  When the license authentication server 1 receives the license key and the authentication key from the information processing terminal 2, it first determines whether or not the license key is registered in the management table TB. In this case, since the license authentication registration process is performed in the information processing terminal 2 at the time of installation of the application software or for a predetermined day from the time of installation, the corresponding license key exists in the management table TB, and then the received license key and authentication Since the key matches the license key and the authentication key registered in the management table TB, a new authentication key that does not exist in the management table TB is generated, and this new authentication key is transmitted to the information processing terminal 2.

  When the information processing terminal 2 receives a new authentication key, it updates and stores this authentication key in the authentication data storage unit 27b to overwrite the previous authentication key. When this is completed, an update completion notification is sent to the license authentication server 1. Send to.

  When the license authentication server 1 receives the update completion notification from the information processing terminal 2, the license authentication server 1 updates and stores the generated new authentication key over the field corresponding to the corresponding license key in the management table TB, and then sends the update completion notification. When the information processing terminal 2 receives the update completion notification from the license authentication server 1 and transmits it to the information processing terminal 2, the connection software is disconnected and the application software activation process is executed.

  As a result, the application software starts up on the information processing terminal 2 and can be used.

  In this way, every time the user starts the application software, the online authentication process is executed, and a new authentication key is generated in the license authentication server 1, and the generated new authentication key is used as the information processing terminal 2 and the license authentication. It is sequentially updated and stored in the server 1.

  For this reason, when the user installs application software on one information processing terminal 2 and continues to use it, new authentication keys are sequentially updated and stored in the authentication data storage unit 27b, and license authentication is performed. Since it is the same as the authentication key registered in the management table TB of the server 1, the application software can be activated.

  In this way, when performing online authentication, online authentication can be performed simply by transmitting authentication data consisting of a combination of a license key and an authentication key, and a hardware MAC address such as a hard disk, motherboard, or LAN board is required. Therefore, even if a part of the hardware of the information processing terminal 2 is defective and the hardware is replaced, if the current license key and the authentication key are stored in the authentication data storage unit 27b, Application software can be used by performing online authentication without performing a valid authentication registration. At this time, even if the entire information processing terminal 2 is replaced, the application software is installed in a new information processing terminal and the latest license key and authentication key are copied and stored in the authentication data storage unit. Continuous use is possible.

  However, for example, when an abnormality occurs in, for example, the hard disk in which the authentication data storage unit 27b is stored and the hard disk is replaced, when the current authentication data stored in the authentication data storage unit 27b cannot be copied, When the operation system and application software are installed in a new hard disk and the application software is started, the online authentication process of FIG. 6 is executed. However, the license data may be stored in the authentication data storage unit 27b when the application is installed. However, since the current authentication key cannot be stored, the license key stored in the authentication data storage unit 27b and the authentication key having a predetermined number of digits of “0” are transmitted to the license authentication server 1. To do When the license authentication server 1 does not match the authentication key, the process proceeds from step S6 to step S14 to increment the number of mismatches N. However, since the number of mismatches N does not reach the set value Ns, the process proceeds to step S7. Since a new authentication key is generated and transmitted to the information processing terminal 2, the new authentication key is updated and stored in the authentication data storage unit 27b of the information processing terminal 2. When this update storage is completed, an update completion notification is transmitted to the license authentication server 1, whereby a new authentication key is updated and stored in the management table TB of the license authentication server 1, and an update completion notification is transmitted to the information processing terminal 2. Thus, the application software activation process is performed in the information processing terminal 2.

  Therefore, after that, when the application software is restarted after the application software is terminated, the authentication key stored in the authentication data storage unit 27b is the latest authentication key. Application startup processing can be performed.

  However, when the user has a plurality of information processing terminals 2, installs application software in each information processing terminal 2, and uses the plurality of information processing terminals 2 alternately to start the application software, When the same application software is started up using the different information processing terminal 2 from the information processing terminal 2 that first performed the online authentication processing, the latest authentication key has not been input to this information processing terminal 2, so the license authentication server 3, when the mismatch count N is incremented and the switch count N is less than the set value Ns, application software activation processing is performed. When the number N of mismatches becomes equal to or greater than the set value Ns when The process moves from step S15 to step S16, a new license key not registered in the management table TB is generated, the old license key is invalidated, and an e-mail recording the generated new license key is stored in the management table TB. The information is transmitted to the registered user's e-mail address, and then authentication failure information is transmitted to the information processing terminal 2.

  For this reason, the activation of the application software is stopped at the information processing terminal 2 and the use thereof becomes impossible. For this reason, it becomes impossible to install and use application software on a plurality of information processing terminals 2, and the user stores a new license key in the authentication data storage unit 27b on the single information processing terminal 2 and uses the application software. Will be forced to start.

  Similarly, when a third party illegally installs application software purchased by a user on another information processing terminal, or when data on the hard disk is illegally copied to another information processing terminal, Since the mismatch count N is incremented every time the user accesses the license authentication server 1 alternately, a new license key is generated when the mismatch count N exceeds the set value Ns. Since only a legitimate user updates a new license key in the authentication data storage unit 27b, an unauthorized user can perform online authentication because the old license key is invalidated. When the process is performed, the process proceeds from step S5 to step S18, and authentication failure information is transmitted to the information processing terminal 2. Becomes Rukoto, it will not perform the start-up process of the application software.

  Even if the user is an authorized user, when the application software is started without connecting to the network, the connection to the license authentication server 1 is impossible. By disabling the activation of the application software, the application software cannot be activated, and the use of the application software in a stand-alone manner can be prevented.

  As described above, according to the above embodiment, the online authentication process is executed each time the application software is activated on the information processing terminal 2 in which the application software is installed, and the license key and the authentication key are transmitted to the license authentication server 1. When the license authentication server 1 matches the license key and the authentication key stored in the management table TB, a new authentication key is generated and transmitted to the information processing terminal 2, whereby the information processing terminal 2 Since the authentication key of the authentication data storage unit 27b is updated, only one information processing terminal can be activated for one application software, so that unauthorized use of the application software can be surely prevented and at the time of online authentication Does not require hardware MAC address etc. Since, it is possible to perform replacement or hardware, the exchange of the information processing terminal itself freely.

  In the above embodiment, the case where the use of application software is prohibited when the information processing terminal 2 cannot connect to the license authentication server 1 has been described. However, the use of the application software may be permitted only for a predetermined number of times or for a predetermined number of days.

  In the above embodiment, the case where a new authentication key is generated at the time of an online authentication request has been described. However, the present invention is not limited to this, and a new license key or both a new license key and an authentication key are generated. You may make it do. Moreover, when generating a new authentication key, the case of generating an authentication key that does not exist in the management table TB has been described. However, the present invention is not limited to this, and verification is performed in combination with a license key. An arbitrary key may be generated.

  Furthermore, in the above-described embodiment, the case where online authentication is performed at the time of starting application software has been described. However, the present invention is not limited to this, and other operation systems, hardware startup, and access accompanying authentication to any server Sometimes online authentication may be associated.

It is a system configuration figure showing one embodiment of the present invention. It is a figure which shows the software-like system structure of a license authentication server. It is a flowchart which shows an example of the license authentication process procedure performed with a license authentication server. It is a figure which shows the data structure of authentication database DB. It is a block diagram which shows the specific structure of an information processing terminal. It is a flowchart which shows an example of the online authentication processing procedure performed with an information processing terminal. It is a figure which shows a communication procedure.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... License authentication server, 2 ... Information processing terminal, 3 ... Network, AS ... Server side authentication system, DB ... Authentication database, TB ... Management table, 24 ... Operation processing part, 25 ... System bus, 26 ... Communication control part, 27 ... External storage device, 27a ... Software storage unit, 27b ... Authentication data storage unit, 28 ... Display device, 29 ... Display control unit, 30 ... Input device

Claims (11)

In a license authentication system comprising: a license authentication server that performs license authentication; and an information processing terminal installed with software that requires license authentication connected to the license authentication server via a network;
The license authentication server stores an authentication data management unit that manages authentication data including a combination of a license key and an authentication key of the software, authentication data transmitted from the information processing terminal, and the authentication data management unit. A key generation unit that compares the authentication data and generates a new key for either one of the license key and the authentication key when the two match, and registers the generated new key in the authentication data management unit; Key transmitting means for transmitting a new key generated by the key generating means to the information processing terminal, the information processing terminal comprising: an authentication data storage unit for storing initial authentication data when the software is installed; The authentication data stored in the authentication data storage unit before the license authentication request at startup Authentication request means for transmitting to the license authentication server, and permission to execute the software when a new key is received in response to the authentication request requested by the authentication request means, and storing it in the authentication data storage unit A license authentication system comprising: an execution permission unit that updates a key corresponding to a new key.   The authentication data management unit of the license authentication server compares the authentication data transmitted from the information processing terminal with the managed authentication data, and counts the number of mismatches when both do not match. And a license key that generates a new license key when the number of mismatches counted by the mismatch count counting means exceeds a predetermined number, and updates and stores the combination of the generated license key and authentication key in the authentication data management unit An update means, and a license key update notification means for notifying a license key generated to an authorized license key registrant when the license key is updated by the license key update means. Item 4. The license authentication system according to Item 1.   The key generation unit generates a new authentication key that does not exist in the authentication data management unit when the authentication data transmitted from the information processing terminal matches the authentication data stored in the authentication data management unit. The license authentication system according to claim 1, wherein the license authentication system is configured as described above.   The key generation unit generates a new license key that does not exist in the authentication data management unit when the authentication data transmitted from the information processing terminal matches the authentication data stored in the authentication data management unit. The license authentication system according to claim 1, wherein the license authentication system is configured as described above.   When the authentication data transmitted from the information processing terminal coincides with the authentication data stored in the authentication data management unit, the key generation unit generates a new authentication key and license that do not exist in the authentication data management unit. 3. The license authentication system according to claim 1, wherein the license authentication system is configured to generate a key.   The information processing terminal has communication result determination means for determining whether or not the communication result with the license authentication server is normal when the software is started, and the determination result of the communication result determination means is that the communication result is normal. 6. The apparatus according to claim 1, further comprising a start control unit that continues the start of the software when the communication result is normal and stops the start of the software when the communication result is abnormal. The described license authentication system.   The communication result determination unit is configured to determine that the communication result is abnormal when detecting a state in which communication with the license authentication server is impossible. License authentication system.   The communication result determination unit is configured to determine that the communication result is abnormal when a new key cannot be received in response to the authentication request requested by the authentication request unit. The license authentication system described in 1.   When the communication result determination means detects a state where communication with the license authentication server is impossible, or when a new key cannot be received for the authentication request requested by the authentication request means. The license authentication system according to claim 6, wherein the license authentication system is configured to determine that the communication result is abnormal. In a license authentication method for performing license authentication from an information processing terminal in which software that requires license authentication is installed via a network to a license authentication server that performs license authentication,
The license authentication server has an authentication data management unit that manages authentication data that is a combination of a license key and an authentication key of the software, and when the authentication data is received from the information processing terminal, When the authentication data stored in the authentication data management unit is compared and the two match, a new key is generated for either the license key or the authentication key, and the generated new key is used as the authentication data management unit. And a step of transmitting a new key generated by the key generation means to the information processing terminal, wherein the information processing terminal stores initial authentication data when the software is installed. Authentication data stored in the authentication data storage unit when the software is started up. A step of sending a license authentication request to the license authentication server, and permitting execution of the software when a new key is received in response to the requested authentication request, and a new one stored in the authentication data storage unit And a step of updating a key corresponding to the correct key. A step of sending a license authentication request to the license authentication server by sending authentication data comprising a combination of the license key and the authentication key stored at the time of software installation to the license authentication server, and the license authentication server generating the requested authentication request And a step of continuing the activation when a new key of at least one of the license key and the authentication key is received, and updating and storing a key corresponding to the received new key. A license authentication program that is executed by a computer of a terminal.

Images