JP3840399B2 - Method and program for preventing unauthorized use of software, and storage medium - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a method for preventing unauthorized use of software, a computer program according to the method, and a storage medium storing the program, and in particular, by using key data specific to a specific computer that normally uses the software. It is intended to prevent unauthorized use of the software on another computer. For example, to prevent unauthorized use when using installed software, or to prevent unauthorized copying when installing software on a computer. It is useful.
[0002]
[Prior art]
A typical example of a conventional technique for preventing unauthorized use or unauthorized copying of software is a method by inputting a password. This is a method of permitting the use or copying of software only when a predetermined password acquired from a license provider is input. However, with this method, if the same password is used, the same software can be used or copied on another computer, and the password can be easily communicated to others. It is clearly incomplete and cannot protect the rights of the software author.
[0003]
A hardware key method is also used to more reliably prevent unauthorized copying of software. In this method, hardware having specific information is used as a key, and it is a method of permitting the use of software by determining whether the hardware is connected to a computer. Since key hardware cannot be copied easily, illegal copying can be prevented more reliably by this method. However, since the cost is high, there is a problem that it can be applied only to some expensive software. . In addition, this method is completely unsuitable for a recent software distribution form in which software is easily provided and traded online via a communication network.
[0004]
In order to realize a function similar to the above at low cost, there is an unauthorized copy prevention method using an inexpensive recording medium. This provides software in a form recorded on a portable recording medium such as a floppy disk, and by writing predetermined data to the recording medium at the time of installation execution, the next and subsequent installations using this recording medium It is a method to restrict. However, since it is necessary to take the form recorded on a portable recording medium when distributing software, this method is also the latest software distribution that provides and sells software online easily via a communication network. It is totally unsuitable for form. In addition, there is a problem that it cannot be applied to a computer that does not have a recording medium read / write device, or that a new new recording medium is required when an authorized user reinstalls the software.
[0005]
As described above, an unauthorized copy prevention method that does not use unique information for identifying a computer cannot prevent unauthorized copying to another computer by itself. That is, there is a problem that copying can be easily performed using the same recording medium, key data such as a serial number or a password.
On the other hand, as a method of avoiding such easy unauthorized copying, a method of preventing unauthorized copying using information unique to the operating system is considered. This is because a unique ID number is assigned to each operating system of an individual computer, and the software side has key information so that it can recognize the dedicated operating system ID number and uses the software. The ID number of the operating system is collated using the key information on the software side to determine whether or not the software can be used in a computer having the OS. Although this method can effectively prevent unauthorized copying as compared with the above-described conventional example, since the program of the target software must be created as a different program for each operating system, it takes time to create the software. There is a problem. In addition, there is a problem that it cannot be applied to “cross-platform” type software that can operate on any different OS that has recently been distributed.
[0006]
[Problems to be solved by the present invention]
The present invention has been made to solve the above-described various problems or problems, and does not require a hardware key or a portable recording medium, and is not limited by an operating system, and only software processing. Thus, an object of the present invention is to provide a method capable of preventing unauthorized use of target software, a computer program according to the method, and a storage wave medium storing the program.
[0007]
[Means for Solving the Problems]
  The present inventionClaim 1The software illegal use prevention method related toGet a licenseUser's computerProcessing of the computerA first step of detecting characteristics of the file system and generating unique information based on the detected characteristics of the file system, and a software license provider side based on the unique information generated in the first stepBy computer processingA second step of generating key data and providing the key data to the user; and a computer to use the softwareProcessing of the computerA third step of detecting characteristics of the file system and generating specific information based on the detected characteristics of the file system;By the processing of the computer trying to use the software,The unique information based on the characteristics of the file system corresponding to the key data and the unique information based on the characteristics of the file system generated in the third stepComparisonAnd a fourth step of determining whether or not the software can be used based onA fifth step of storing the key data provided to the user in the second step in a memory provided in a computer to use the software, and the software in the fourth step. The content of the key data stored in the memory is updated so as to conform to the unique information based on the characteristics of the file system generated in the third step, with at least one condition that the file is determined to be usable And the sixth stepIt comprises.
  According to a third aspect of the present invention, there is provided a software illegal use prevention method for detecting characteristics of a file system of a computer by processing of a computer of a licensed user and generating unique information based on the detected characteristics of the file system. And a second step of generating key data by computer processing on the software license provider side based on the unique information generated in the first step and providing the key data to the user. A third step of detecting characteristics of the file system of the computer by processing of the computer to use the software, and generating unique information based on the detected characteristics of the file system, and using the software Depending on the processing of the computerThe difference between the unique information based on the feature of the file system corresponding to the key data and the unique information based on the feature of the file system generated in the third step is calculated, and the difference according to the magnitude of the difference Determining software availabilityAnd a fourth step.
  As an example, the method includes a step of restoring unique information based on characteristics of the file system from the key data provided to the user. In the fourth step, the unique information based on characteristics of the restored file system includes: Unique information based on the characteristics of the file system generated in the third step;InBased on this, it is determined whether or not the software can be used.
[0008]
An outline of the method according to the present invention will be described.
First, as a pre-stage process for issuing unique key data to the user, the characteristics of the file system of the specific computer used by the user are detected, and unique information is generated based on the detected characteristics of the file system. (First step). This user is, for example, a person who has purchased the intended software or indicated the intention to purchase. The feature of the computer file system can be detected, for example, by reading the computer file system information. This file system information is information unique to each individual computer, such as “fingerprint”. That is, the file system of a certain user's computer (specific computer) shows a file usage history unique to that user, and this can be used as specific information. Since this first step only needs to detect the characteristics of the file system of the computer (for example, read the file system information), it can be performed by pure software processing, and no special hardware key or portable recording medium is required. is there.
[0009]
The unique information based on the file system information read by the computer on the user side is passed to the software license provider via the communication network or any other means. The software license provider generates unique key data based on unique information based on the characteristics of the file system (second step). For example, unique key data is generated by converting unique information based on the characteristics of the file system according to a predetermined encryption algorithm. The generated key data is provided to the user via a communication network or any other means. In this way, the key is issued to the user by the license provider, so that the user is authorized (that is, user registration is performed).
[0010]
On the user side, the characteristics of the file system of the computer that intends to use the software are detected, and unique information is generated based on the detected characteristics of the file system (third step). This feature of the file system can also be detected by reading the file system information of the computer, for example. Hereinafter, the unique information based on the read file system information will be referred to as “current file system information” for convenience. The “current” here does not need to be a strict current time point, and may be file system information at a time point before the present time (however, after the key data is created).
[0011]
  On the user side, the unique information based on the characteristics of the file system corresponding to the key data and the unique information based on the characteristics of the file system generated in the third step (that is, “current file system information”)ComparisonTo determine whether the software can be used or not (fourth step). In this case, the user side may include a step of restoring unique information based on the characteristics of the file system from the provided key data. This restoration can be performed, for example, by performing inverse transformation of the predetermined encryption algorithm. In that case, in the fourth step, the unique information based on the characteristics of the restored file system is compared with the unique information based on the characteristics of the file system generated in the third step, and both information Whether to use the software is determined based on the coincidence or similarity. As another example, unique information based on the characteristics of the file system generated in the third step (that is, “current file system information”) is converted into key data, and in the fourth step, the provided information is provided. The availability of the software may be determined by comparing the key data with the converted key data. In short, it is only necessary to determine whether or not software can be used based on the characteristics of the file system.
  On the user side, the key data provided by the license provider may be stored as appropriate, and the unique information based on the file system information may be restored based on the stored key data. However, it is not always necessary to store the key data on the user side. For example, there is a method of receiving provision from a license provider when necessary.
[0012]
For example, when the key data is created, that is, from the time of registration, if the file system information of the user computer is not changed, the file system information matches. This means that the current computer on the user side is clearly the same as the computer related to the file system information from which the key data was created at the time of registration. Therefore, of course, the use of software is permitted. For example, the case where the fourth step is executed subsequently at the time of user registration corresponds to the case of such a perfect match.
Naturally, the contents of the file system information change with the use of the user's computer. In such a case, the file system information restored from the key data is different from the “current file system information” detected in the third step, but the difference between the two is different in the fourth step. If it is within the allowable range, the similarity is recognized, the computer used on the user side is recognized as being unchanged, and the use of the software is permitted. On the other hand, when trying to use the software on a computer other than the computer authorized at the time of registration (the computer related to the file system information from which the key data is created), it was detected in the third step. Since the “current file system information” is file system information of the other computer, it is quite different from the file system information restored based on the key data. Therefore, in the fourth step, it is determined that there is no match or similarity between them, that is, the difference between the two is out of the allowable range, and the use of the software is disabled.
[0013]
Thus, according to the present invention, focusing on the file system information of the computer as information unique to the individual computer on the user side, key data unique to the individual computer is created based on the file system information, and the software Since the file system information in the computer to be used is evaluated by using the key data to determine whether or not the use is possible, unauthorized use can be prevented on the basis of a complete software processing and communication. It is ideal as a measure to prevent unauthorized use of software distributed over a network, and it does not require a hardware key, and the trouble of having to provide the target software in the form of a special portable recording medium Low cost, and each operator on the software provider's side There is no need to create the target software for each operating system, and since it is not restricted by the operating system, it can be applied to "cross platform" type software, and so on. .
[0014]
Note that the use of software in a computer includes all of various usage forms. For example, (1) installing the software on the computer, (2) starting the installed software on the computer and actually executing the program, or (3) copying the software, and so on. Therefore, the availability determination in the fourth step is, for example, (1) when installing software in a computer, or (2) when starting software on a computer (when starting a software program). Or (3) when copying software, it may be executed at at least one point of time. If it is determined that the software cannot be used, the use is prohibited, that is, (1) the installation process is canceled, (2) the activation of the software is prohibited, or (3) the software is copied. Is prohibited. Usually, if (1) prohibition of installation and (2) prohibition of software activation are performed, it is possible to prevent unauthorized use of the software, assuming that copying is possible. It is sufficient to perform at least one of (2) prohibition of installation and (2) prohibition of activation of software. Of course, the present invention is not limited to this. (3) Even if only copying of software is prohibited, the effect of preventing illegal use of software can be obtained. In short, the availability determination in the fourth step can produce an effect specific to the present invention as it is at any time. In addition, at least one or more locations in the target software (or any one or more points in time during execution of the software), at least the availability determination in the fourth step is performed. Good. Then, even if an unauthorized user invalidates the availability determination function at a certain location (for example, at the time of installation), the availability determination function can be exhibited at another location.
[0015]
Further, since there are various methods for comparing file system information performed in the fourth step, an appropriate method may be adopted. As an example, the match / mismatch of individual files is compared and determined, and the degree of similarity of the entire file system information is determined from the degree of match / mismatch. As a method for making such a determination quantitatively, a difference or mismatch function value between the two file system information is calculated, and the availability of the software is determined according to the magnitude of the difference or the function value. As another method, it is possible to determine the similarity of both file system information by a pattern recognition method.
[0016]
By the way, even if the computer is authorized by a software provider, the file system information changes with use. For this reason, the difference between the original file system information (at the time of user registration) restored by the key data and the current file system information becomes large as it is, and it will be judged as dissimilar beyond the allowable range. It might be. In order to cope with this, it is preferable to adaptively update the contents of the key data so as to match the current file system information. That is, key data is stored in the user computer, and in the fourth step, determination processing is performed using the stored key data (for example, the original file system information is restored from the stored key data). Used for comparison processing). Then, on the basis of at least one condition that the software is determined to be usable in the fourth step, the stored key data is adapted to the file system information detected in the third step. A step of updating the contents is further included. The reason that at least one condition is that the software is determined to be usable in the fourth step is to adaptively update the contents of the key data only when the regular use is confirmed. Further, an appropriate condition may be added to adaptively update the contents of the key data. For example, it is best to always update the software every time it is determined that the software can be used in the fourth step. However, the present invention is not limited to this, and a condition that updates are performed at appropriate time intervals is added. May be.
[0017]
  The present invention can be implemented not only as a method invention but also in the form of a computer program according to the method or a storage medium storing the program. For example, the present inventionClaim 10The computer program according to claim 1 detects a characteristic of a file system of a user's computer and outputs unique information based on the detected characteristic of the file system.And the outputSpecific informationBased onLicense provider of the softwareofOn the sideGeneratedUnique key data corresponding to the unique informationTheA second step of receiving from the license provider side, and a third step of detecting a characteristic of a file system of a computer to use the software and generating unique information based on the detected characteristic of the file system; Specific information based on the characteristics of the file system corresponding to the key data and specific information based on the characteristics of the file system generated in the third step.ComparisonAnd a fourth step of determining whether or not the software can be used based onThe fifth step of storing the key data provided to the user in the second step and the determination that the software is available in the fourth step as at least one condition, A sixth step of updating the content of the stored key data so as to conform to the unique information based on the characteristics of the file system generated in step 3;It comprises.
[0018]
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, an embodiment of the present invention will be described in detail with reference to the accompanying drawings.
FIG. 1 is a functional block diagram for explaining the principle of a method for preventing unauthorized use of software according to the present invention. Block 10 shows a computer system on the side of a software license provider (hereinafter referred to as licensor), and block 20 is A computer system of a software user (hereinafter referred to as a user) is shown.
[0019]
In the computer system 20 on the user side, as is well known, an appropriate operating system (hereinafter abbreviated as OS) 22 is mounted on the computer hardware 21, and various programs and data “files” are stored in the storage device. Thus, the file system 23 is constructed. This file system 23 has a directory hierarchical structure as is generally known. The computer system 10 on the licensor side has the same configuration, but it is not important and is not shown.
[0020]
A block 24 in the computer system 20 on the user side is a part of a program that realizes the software illegal use prevention method according to the present invention, and the processing executed by the program is conceptually shown by functional blocks. As an example, a program for realizing a method for preventing unauthorized use of software according to the present invention includes (1) a registration program and (2) a protect program. In FIG. 1, the dotted arrows generally indicate the flow of processing when registering according to (1) the registration program, and the solid arrows indicate the flow of processing when using software according to (2) the protect program. The (1) registration program and (2) protect program are configured separately in the example described below, but may be configured integrally.
[0021]
FIG. 2 is a diagram showing an example of the structure of software that is a target of the unauthorized use prevention method according to the present invention, in relation to (1) a registration program and (2) a protection program. FIG. 1A shows an example in which (1) a registration program is supplied separately from the target software. In this case, (1) the registration program is provided in advance to a user who intends to receive the provision of the target software (for example, to purchase) from the side of the licensor that provides the target software. . The target software is provided to the user after a predetermined registration procedure described later is completed. The target software includes a “main program” that is the main body of the software, an “installation program” that operates when the software is installed on the computer, and a start of the installed software (execution start) (2) A protect program is attached. (2) The protect program is called by at least one of the “install program” and the “start program”, and unauthorized use prevention processing according to the present invention is executed at least at the time of installation and at the time of start. Further, as will be described later, the protect program may be called at any one or a plurality of locations in the target software to execute the unauthorized use prevention processing according to the present invention.
[0022]
FIG. 5B shows an example in which the target software includes not only the (2) protect program but also the (1) registration program. In this case, the target software is provided before the predetermined registration procedure described later, but there is no particular problem because the software cannot be used unless the predetermined registration procedure is completed.
In FIG. 8C, only (1) registration program and (2) protect program are provided to the user first, and the target software is provided to the user after a predetermined registration procedure described later is completed. An example is shown.
In the following description, as in the example of FIG. 2A, (1) a registration program is first provided to the user, and after the predetermined registration procedure is completed, (2) the target software with the protect program is sent to the user. A description will be given assuming that it is provided. The provision of these programs or software from the licensor to the user can be performed online via a communication network.
[0023]
FIG. 3 is a flowchart schematically showing the flow of the software use registration procedure, which is the first stage of the unauthorized use prevention method according to the present invention. This registration procedure is started by activating the registration program provided to the user from the licensor on the user's computer. Mainly, steps S1, S2 and S4 of FIG. 3 are processes executed by the user's computer according to the registration program (1). Step S3 is a process performed by the computer of the licensor.
In this registration program, first, file system information of a user's computer is read, and is encrypted according to a predetermined encryption algorithm defined in the registration program, and encrypted unique information is generated based on this (see FIG. Step S1). The block of the encryptor 25 in FIG. 1 conceptually shows this encryption process. Any encryption algorithm may be used.
[0024]
As is well known, a computer file system refers to a hierarchical structure of files in a computer. For example, Windows (trademark of Microsoft Corporation) has a function that can read this file system information using a program Explorer (trademark of Microsoft Corporation) and visually display its hierarchical structure. Such an existing file system information reading function can be used. Further, since the file system structure can be read using the file I / O function of the programming language, file system information can be obtained thereby. FIG. 4 shows an example of a file system. There is a folder such as “Old Mail” in the C drive, and various files with appropriate names such as “Meeting with XX Trading” are arranged therein. As can be seen from this example, individual computers are used in different ways depending on individual users, so as long as they are used normally at home or in the office, each user can use the file system individually. It will be unique to each computer. In other words, except for special cases such as immediately after the OS is installed, the file system information can be regarded as information unique to each individual computer. Therefore, the file system information is used as unique information for each individual computer, and as described later, unique key data can be created for each individual computer based on this.
[0025]
The unique information encrypted in step S1 may include not only the file system information but also other information other than the file system (for example, other information describing the current computer system). In short, any file system information may be included. In addition, it is encrypted using only a part of the file system information (for example, the file system information of a predetermined partial drive or a predetermined folder or folders) without using all the file system information of the user's computer. The unique information may be generated, and this is also included in the scope of the present invention. Note that the encryption process in step S1 is to make it difficult for an unauthorized user to decrypt the key data at a later date. Therefore, in some cases, the encryption process in step S1 can be omitted.
[0026]
Next, the encryption specific information based on the generated file system information is sent from the user to the licensor (step S2). This unique information is preferably sent online via a communication network, but may be sent offline via a portable medium.
[0027]
When the licensor receives encryption specific information from the user based on file system information specific to the computer used by the user, the licensor receives a predetermined conversion algorithm (this conversion algorithm is an encryption algorithm. The encrypted unique information is converted according to (preferably for preventing the decryption of), and key data (data serving as a key permitting regular use) is generated (step S3). The block of the converter 11 in FIG. 1 conceptually shows this conversion process. Thus, key data is created based on file system information unique to the computer used by the user. This key data is sent from the licensor to the user, and the user stores the received key data in his computer (step S4). The key data is preferably sent online via a communication network, but may be sent offline via a portable medium. Of course, without storing the key data electronically in the computer, the user may remember the key data notified to the user from the licensor and input it to the computer when necessary. .
[0028]
In this way, the user registration procedure is completed when the key data is passed from the licensor to the user. The target software is supplied from the licensor to the user at an appropriate stage before or after the user registration procedure. The supply of the target software is preferably performed online via a communication network, but may be performed offline via a portable medium.
[0029]
Next, an example of the operation of the above (2) protect program, which is the second stage of the unauthorized use prevention method according to the present invention, will be described with reference to a function flowchart shown in FIG. This protect program is executed on the user's computer when the user installs the target software on his computer or when the installed software is started. When starting this protected program during installation, this protected program is called and executed when the installation program of the target software is executed, and if it is determined that the software can be used as a result, installation is permitted. . Also, when starting this protected program when starting the installed software (when starting software execution), this protected program is called and executed when the start program of the target software is executed. If it is determined that the software can be used, it is permitted to start execution of the software body. This protect program is not limited to either one at the time of installation or at the time of software activation, and may be executed at both times. Alternatively, as will be described later, this protect program may be executed at any one or a plurality of locations inside the target software.
[0030]
When the protect program starts, first, key data is searched to determine whether key data exists (step ST1). This key data search method accepts the input of key data location information by the user on the input screen displayed according to the protect program, acquires key data from the input location information, or is designated in advance. An appropriate method may be used, such as a method of acquiring key data by searching a directory or a method of acquiring key data by searching a storage area of a computer from the corner. If it is determined that the key data does not exist, the use of the target software is not permitted (step ST2).
[0031]
If it is confirmed in step ST1 that the key data exists, the original encrypted unique information is generated by inversely converting the key data (step ST3). The block of the inverse converter 26 in FIG. 1 conceptually shows the inverse conversion process in step ST3. The reverse conversion algorithm in the reverse converter 26 is the reverse of the conversion algorithm by the conversion process on the licensor side (step S3 in FIG. 3 or the converter 11 in FIG. 1) during the registration procedure, thereby converting the key data. Restore to previous encryption specific information.
[0032]
Next, the restored encrypted unique information is decrypted (decrypted), and the unique information including the original file system information is restored (step ST4). The block of the decoder 27 in FIG. 1 conceptually shows the decoding process in step ST4. The decryption algorithm in the decryptor 27 is the reverse of the encryption algorithm by the encryption process (step S1 in FIG. 3 or the encryptor 25 in FIG. 1) at the time of the registration procedure. Unbind and restore the unique information including the original file system information.
[0033]
On the other hand, “current file system information” of the user's computer is read at an appropriate time, and based on this, “current unique information” of the user computer is provided (step ST5). The process of step ST5 may be performed before any of steps ST1, ST3, ST4. Further, reading the “current file system information” of the user computer is performed at an appropriate previous time, and is stored, and the saved “current file system information” is stored in step ST5. You may make it call. As described above, the file system information can be acquired by using the file I / O function of the programming language. Further, as described above, the “current unique information” of the user computer restored in step ST5 may include not only the file system information but also other information other than the file system. In short, the file system information As long as it contains at least. Alternatively, the encrypted unique information may be generated using only a part of the file system information without using all the file system information of the user's computer. However, it must be the same type of information as the unique information including the file system information that is the source of key data generation during the registration procedure.
[0034]
Next, the “original unique information (that is, the original file system information)” obtained in step ST4 is compared with the “current unique information (that is, the current file system information)” obtained in step ST5. A difference in information is obtained (step ST6). This difference can be calculated as a numerical value or a vector. For example, taking the set of files included in the file system obtained from the original unique information and the set of files included in the current file system, the number A of files included (matched) in both the former and the latter As an example, a method of calculating the difference C by the following equation from the number B of files that are included (not matched) only in either the former or the latter can be considered.
C = B ÷ (A + B)
According to this difference calculation method, when the two file systems completely match, since B = 0, the difference C becomes 0 and takes the minimum value. Since B increases as the number of files included in only one of the two file systems increases, the value of the difference C increases. When the two file systems do not include any file with the same name, A = 0. Therefore, the difference C takes 1 which is the maximum value. That is, the difference C takes a decimal value in the range from 0 to 1, and the closer the value is to 0, the higher the matching / similarity.
[0035]
Next, it is determined whether the comparison result, that is, the difference C exceeds a predetermined allowable limit (step ST7). The block of the comparison / determination unit 28 in FIG. 1 conceptually shows the comparison / determination process in steps ST6 and ST7. If this comparison result, that is, the difference does not exceed the allowable limit, the use of the software is permitted (step ST8). For example, the running program (installation program or startup program) is continued. If this comparison result, that is, the difference exceeds the allowable limit, the use of the software is not permitted (step ST9). For example, an unauthorized message is displayed on the computer display, and the program (installation program or activation program) is stopped.
[0036]
For example, when the key data is created, that is, from the time of registration, if the file system information of the user computer is not changed, the file system information matches. This means that the current computer on the user side is clearly the same as the computer related to the file system information from which the key data was created at the time of registration. Therefore, of course, the use of software is permitted. For example, a case where the target software is to be installed immediately after obtaining the key data at the time of registration corresponds to such a completely coincidence case.
On the other hand, the content of the file system information naturally changes with the use of the user's computer. In such a case, the “original file system information” restored in step ST4 is different from the “current file system information” read in step ST5, but the difference between the two is within an allowable range in step ST7. If this is the case, the similarity is recognized, the computer used on the user side is recognized as being unchanged, and the use of the software is permitted. The allowable limit value is set in advance in the protect program by the licensor at his / her own risk.
[0037]
On the other hand, if the software is illegally installed or started to be used on a computer other than the computer authorized at the time of registration (the computer related to the file system information from which the key data is created), the software is temporarily authorized. Even if the regular key data of the other computer is obtained, the “current file system information” read in step ST5 is the file system information of the other computer, and thus is restored based on the regular key data. It is clearly different from file system information. Therefore, in step ST7, it can be determined that there is no match or similarity between the two, that is, the difference between the two is out of the allowable range, and the use of the software can be prohibited. Therefore, if an allowable limit value serving as a criterion for determination is appropriately set, unauthorized use of software can be appropriately prevented.
[0038]
By the way, even an authorized computer changes its file system information with use. For this reason, the difference between the original file system information (at the time of user registration) restored by the key data and the current file system information becomes large as it is, and it will be judged as dissimilar beyond the allowable range. It might be. In order to cope with this, it is preferable to adaptively update the contents of the key data so as to match the current file system information.
For this purpose, the key data is adaptively updated in step ST9 on condition that the software use permission is determined. That is, the contents of the key data are updated so as to conform to the “current file system information” read in step ST5. The block of the adaptor 29 in FIG. 1 conceptually shows the adaptation update process in step ST9. FIG. 6 is a flowchart showing an example of the key data adaptation update process. The process goes to step ST90 on condition that the use permission is determined, and the unique information encrypted based on the “current file system information” is generated. For this encryption, the same encryption algorithm as that in step S1 in FIG. 3 is used. Next, in step ST91, the encrypted unique information is converted into key data. For this conversion, the same conversion algorithm as the conversion algorithm on the licensor side in step S3 in FIG. 3 is used. Thus, the old key data stored in the user computer is updated or replaced with the new key data thus created (step ST92). If it cannot be used, the key data is not updated in steps ST90 to ST92. In step ST90, the “current file system information” read in the previous step ST5 may be used as it is, or the process of reading “current file system information” may be performed again. As will be described later, when this key data adaptation update process is performed at an arbitrary time point, the “current file system information” is read in step ST90, and encryption is performed based on the read “current file system information”. Generated unique information.
[0039]
It is desirable that the key data adaptation update process is performed as frequently as possible, and appropriate key data update is always performed. In the specification for executing the protect program at the start of use of the target software, as long as the specification includes the key data adaptation update process as step ST9 in the protect program as described above, every time the target software is started. In addition, key data adaptation update processing can be performed. In that case, if the target software is frequently used software, the key data adaptation update process is relatively sufficiently performed. However, if the target software is software that is not frequently used, the number of times that the key data adaptation update processing is executed is insufficient, and the file system greatly changes while the software is not used. Because it is possible, the old unique information (file system information) corresponding to the key data will be significantly different from the current unique information (file system information), and there is a risk that legitimate users will be denied use. Come out. On the other hand, in the specification in which the protect program is executed only at the time of installation of the target software, only the specification in which the key data adaptation update processing is incorporated in step ST9 in the protection program as described above is the key data adaptation update processing. Insufficient execution.
[0040]
In order to deal with the shortage of execution of the key data adaptation update process as described above, the key data adaptation shown in FIG. 6 is performed every time the OS is started on the computer or at certain time intervals. Update processing may be executed. In that case, the latest software availability determination result may be stored, and the key data update process of steps ST90 to ST92 may be performed only when the latest determination result is available. Specifically, it is sufficient to add a program that executes the key data adaptation update process to a list of programs that are automatically executed when the computer is started. For example, in Windows (a trademark of Microsoft Corporation), it may be registered as a startup file.
[0041]
In the unauthorized use prevention method according to the present invention, if the range of the allowable limit that is determined to be usable is too wide, an unauthorized user may be mistakenly recognized as a regular user. On the other hand, if the allowable limit is too narrow, there is a high possibility that a legitimate user will be mistakenly recognized as illegal when a sudden change is made to the file system. In addition, it is conceivable to perform a key data reissue service when the key data is lost or lost due to user services. It is not impossible to request the reissuance of key data using information and illegally use software on a plurality of computers. Therefore, the unauthorized use prevention method according to the present invention does not provide a complete prevention measure against unauthorized use. Therefore, in order to effectively carry out the method according to the present invention, it is necessary for the licensor to appropriately set the allowable range or limit value of the usability determination at his / her own responsibility.
[0042]
However, even if there is such an inconvenience as described above, the method of the present invention has a significant prevention power as compared with the conventional unauthorized use prevention method using a password that can be easily copied. For example, in the conventional password method, a password can be illegally taught to others without being found by anyone by verbal or e-mail, and can be easily transmitted to many people. However, in the unauthorized use prevention method according to the present invention, even if an unauthorized user tries to perform an operation on the file system for the purpose of misrecognizing the protected program, the file system structure corresponding to the key data is first decrypted. In addition, the computer's file system must be modified accordingly, which takes a lot of time and cannot be used at all. In addition, even if an attempt is made to request reissuance of key data fraudulently by e-mail, the psychological threshold is high, and fraud is revealed if such fraudulent requests are repeated frequently. Therefore, compared with the conventional prevention method using passwords, it is considered that there is much less fear of unauthorized copying.
[0043]
As described above, according to the present invention, when the licensor appropriately sets the allowable limit, the user transmits the encryption specific information of the computer using the software to the licensor, and the authorized key data Since the software cannot be used on a computer unless it is received, unauthorized use of the software can be effectively prevented. Moreover, even a legitimate user cannot install one software on another computer having different unique information. Therefore, the effect of preventing unauthorized use of software is great.
It should be noted that not only at the time of installation or at the time of software activation, but also at the time of copying software, a protect program according to the present invention may be activated to prohibit unauthorized copying. It is also possible to have a specification that the protection program of the present invention is executed only at the time of installation, and that the installation process is also performed continuously when key data is received. The update process (step ST9, FIG. 6) can be omitted.
[0044]
In the example shown in FIG. 1, in the block of the comparison / determination unit 28, the unique information based on the file system information (that is, the decrypted information) is compared, but conversely, the detected “ The current file system information "is encrypted and converted to generate corresponding key data, and the generated key data is compared with the stored key data (that is, the encrypted data remains The use / non-use determination may be performed by (comparison). However, in that case, the risk of falsification of key data by an unauthorized user increases, so it is not a good idea. Therefore, as shown in the above-described embodiment, it is better to perform comparison using unique information (that is, decrypted information) based on file system information. However, even if there is a disadvantage, the embodiment in which the key data are compared with each other is also included in the technical idea of the present invention that determines whether or not the software can be used based on the characteristics of the file system, and is included in the scope of the present invention. It is.
[0045]
Even if the software is protected by the above-described availability determination function, the software may be illegally used or illegally copied by analyzing and modifying the software. This is because it is only necessary to invalidate the availability determination function inside the software by modifying the software. In particular, when the availability determination function is used only at the start of software use or installation, there is a high possibility that the software is illegally used by modifying only that part. In order to cope with such a possibility of modification, it is effective to provide the availability determination function at a plurality of locations inside the software and to determine availability at multiple locations. Even if it is determined that the software is illegally modified inside the software, it can be used, but if it is determined that it cannot be used in another part that remains normal This is because a mechanism for stopping the use of the software may be used. If you compare the software availability decision function to landmines, it is very similar to the situation where it is more difficult for enemies to invade by filling landmines extensively than if only one is buried in a narrow area. . Specifically, the protection program as shown in FIG. 5 is called at any one or a plurality of locations in the target software (any one or time point in the target software execution step), and the illegality according to the present invention is performed. It is recommended that the usage prevention process be executed. Alternatively, during execution of the target software, the protect program routine of FIG. 5 is performed only once at an appropriate time (for example, at the time of activation), and then one or a plurality of locations (the target The determination at least in step ST7 in FIG. 5 may be performed at any one or time point during the software execution step.
[0046]
If necessary, the present invention can be implemented in the form of dedicated hardware such as a software unauthorized use prevention device, and even in this case, the effects and advantages according to the present invention can be enjoyed. Therefore, an embodiment configured so that the unauthorized use prevention method according to the present invention can be realized by a dedicated hardware device is also included in the scope of the present invention.
[0047]
【The invention's effect】
As described above, according to the present invention, focusing on the file system information of the computer as information unique to the individual computer on the user side, key data unique to the individual computer is created based on the file system information, and the software Since the file system information in the computer to be used is evaluated by using the key data to determine whether or not the use is possible, unauthorized use can be prevented on the basis of a complete software processing and communication. It is ideal as a measure to prevent unauthorized use of software distributed over a network, and it does not require a hardware key, and the trouble of having to provide the target software in the form of a special portable recording medium Low cost, and each operator on the software provider's side There is no need to create the target software for each operating system, and since it is not restricted by the operating system, it can be applied to "cross platform" type software, and so on. .
[Brief description of the drawings]
FIG. 1 is a functional block diagram showing the principle of a method for preventing unauthorized use of software according to the present invention.
FIG. 2 is a schematic diagram illustrating the structure of a program and target software for realizing an unauthorized use prevention method according to the present invention.
FIG. 3 is a flowchart showing an example of a registration procedure according to the unauthorized use prevention method according to the present invention.
FIG. 4 is a conceptual diagram illustrating an example of a file system.
FIG. 5 is a flowchart showing an example of a protection program according to the unauthorized use prevention method of the present invention.
FIG. 6 is a flowchart showing an example of key data adaptation update processing.
[Explanation of symbols]
10 License provider computer system
20 User computer system
21 Computer hardware
22 OS
23 File system

Claims (14)

Detecting a characteristic of a file system of the computer by processing of a computer of a licensed user, and generating unique information based on the characteristic of the detected file system;
A second step of generating key data by computer processing on the software license provider side based on the unique information generated in the first step, and providing the key data to the user;
A third step of detecting characteristics of the file system of the computer by processing of the computer that intends to use the software, and generating unique information based on the detected characteristics of the file system;
Comparison between the unique information based on the characteristics of the file system corresponding to the key data and the unique information based on the characteristics of the file system generated in the third step by a process of a computer that intends to use the software A fourth step of determining whether or not the software can be used based on :
A fifth step of storing the key data provided to the user in the second step in a memory provided in a computer to use the software;
On the basis of at least one condition that the software is determined to be usable in the fourth step, the memory is adapted to match the unique information based on the characteristics of the file system generated in the third step. A sixth step of updating the content of the stored key data, and a method of preventing unauthorized use of software, comprising: In the fourth step, a difference between the unique information based on the feature of the file system corresponding to the key data and the unique information based on the feature of the file system generated in the third step is calculated, and the difference is calculated. The method of preventing unauthorized use of software according to claim 1 , wherein whether or not the software can be used is determined according to a size of the software. Detecting a characteristic of a file system of the computer by processing of a computer of a licensed user, and generating unique information based on the characteristic of the detected file system;
A second step of generating key data by computer processing on the software license provider side based on the unique information generated in the first step, and providing the key data to the user;
A third step of detecting characteristics of the file system of the computer by processing of the computer that intends to use the software, and generating unique information based on the detected characteristics of the file system;
The difference between the unique information based on the characteristics of the file system corresponding to the key data and the unique information based on the characteristics of the file system generated in the third step by processing of the computer that intends to use the software It was calculated, and the fourth step of determining availability of said software in accordance with the magnitude of the difference
A method for preventing unauthorized use of software comprising : Restoring the unique information based on the characteristics of the file system from the key data provided to the user,
Wherein in the fourth step, determine the software availability based on the unique information based on the characteristics of the reconstructed file system the file system generated by the unique information and the third step based on the characteristics of The method for preventing unauthorized use of software according to any one of claims 1 to 3 . In the second step, unique information based on the characteristics of the file system is converted into the key data according to a predetermined conversion algorithm,
5. The method for preventing unauthorized use of software according to claim 4 , wherein in the step of restoring the unique information, the unique information based on the characteristics of the file system is restored from the key data by inverse transformation of the predetermined conversion algorithm. Wherein the first and third step, the software of the unauthorized use preventing method according to any one of claims 1 to 5 for detecting a characteristic of the file system by reading the file system information of the computer. The fourth step is at least one of installing the software on the computer, starting the software on the computer, or copying the software on the computer. The method for preventing unauthorized use of software according to any one of claims 1 to 6 , which is executed at one time point and prohibits the use if it is determined that the use is not possible in the fourth step. The fourth step is executed at any one or a plurality of times when the software is being used by the computer, and if it is determined that the software is not available at the fourth step executed at any time The method for preventing unauthorized use of software according to any one of claims 1 to 7 , wherein the use is prohibited.   A computer program for causing a computer to execute the software illegal use prevention method according to claim 1. A program for causing a computer to execute a method for preventing unauthorized use of computer software,
Detecting a characteristic of a file system of a user's computer and outputting unique information based on the characteristic of the detected file system ;
A second step of receiving, from the license provider side , unique key data corresponding to the unique information generated on the license provider side of the software based on the outputted unique information;
A third step of detecting characteristics of a file system of a computer that intends to use the software, and generating unique information based on the characteristics of the detected file system;
Determining whether to use the software based on a comparison between the unique information based on the characteristics of the file system corresponding to the key data and the unique information based on the characteristics of the file system generated in the third step; and the step of,
A fifth step of storing the key data provided to the user in the second step;
The at least one condition that the software is determined to be usable in the fourth step is stored in such a manner as to conform to the unique information based on the characteristics of the file system generated in the third step. A sixth step of updating the contents of the key data . A program for causing a computer to execute a method for preventing unauthorized use of computer software,
Detecting a characteristic of a file system of a user's computer and outputting unique information based on the characteristic of the detected file system;
A second step of receiving, from the license provider side, unique key data corresponding to the unique information generated on the license provider side of the software based on the outputted unique information;
A third step of detecting characteristics of a file system of a computer to use the software and generating unique information based on the detected characteristics of the file system;
The difference between the unique information based on the feature of the file system corresponding to the key data and the unique information based on the feature of the file system generated in the third step is calculated, and the difference according to the magnitude of the difference A fourth step of determining the availability of software;
It comprises. In the first step, unique information based on the characteristics of the file system is sent to the software license provider via the network, and in the second step, it is generated on the license provider side. The program according to claim 10 or 11, wherein the key data is received via a network.   At least the fourth step is executed at one or a plurality of locations inside the software, and if it is determined that use is not possible at the fourth step executed at any location, the use is prohibited. Item 13. The program according to any one of Items 10 to 12.   A computer-readable storage medium storing the program according to claim 10.

Images