JP4545517B2 - Program execution control device and execution right information transfer method - Google Patents

Program execution control device and execution right information transfer method Download PDF

Info

Publication number
JP4545517B2
JP4545517B2 JP2004229844A JP2004229844A JP4545517B2 JP 4545517 B2 JP4545517 B2 JP 4545517B2 JP 2004229844 A JP2004229844 A JP 2004229844A JP 2004229844 A JP2004229844 A JP 2004229844A JP 4545517 B2 JP4545517 B2 JP 4545517B2
Authority
JP
Japan
Prior art keywords
information
execution right
execution
means
frequency
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2004229844A
Other languages
Japanese (ja)
Other versions
JP2006048446A (en
Inventor
雅之 寺田
節之 本郷
謙作 森
一彦 石井
Original Assignee
株式会社エヌ・ティ・ティ・ドコモ
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社エヌ・ティ・ティ・ドコモ filed Critical 株式会社エヌ・ティ・ティ・ドコモ
Priority to JP2004229844A priority Critical patent/JP4545517B2/en
Publication of JP2006048446A publication Critical patent/JP2006048446A/en
Application granted granted Critical
Publication of JP4545517B2 publication Critical patent/JP4545517B2/en
Application status is Active legal-status Critical
Anticipated expiration legal-status Critical

Links

Images

Description

  The present invention relates to a program execution control device that controls execution of a program using execution right information such as license information and a method for transferring execution right information.

  In recent years, there are techniques for preventing commercial programs and the like from being illegally copied and used. For example, an external device called a dongle (hereinafter referred to as a “dongle”) is connected to a connection interface unit such as a USB port of a device that executes a program such as a personal computer, and the program is executed only when this dongle is connected. The technology to do is known.

  However, in the technology using the dongle, it is necessary to physically transport the dongle and give the right to execute the program. For example, it is common to sell a program on the Internet or the like, but when performing execution control using a dongle, it is necessary to mail the dongle separately to the purchaser by mail. Similarly, it is necessary to transport the dongle when reselling or transferring the program.

In addition, a technique is known in which a program can be executed by giving license information, which is electronic information, to a user without connecting physical hardware such as a dongle. For example, a technique is known in which a server (license issuing system) provides license information to a user system via a communication line and executes an application program when the user receives the license information, as in the technique described in Patent Document 1. It has been.
JP-A-10-149283

  However, in the technique described in Patent Document 1, when transferring the execution right information, the server issuing the license information deletes the execution right information from the terminal device to which the execution right has already been given, and another terminal The execution right information can be substantially transferred by providing the execution right information. Therefore, a terminal that wants to transfer execution rights needs to connect to the server, and transfer of execution rights may be restricted. Further, it is considered necessary to centrally manage execution right information such as license information on the server side, and various processes such as security for the management are necessary. Therefore, the configuration of the entire system becomes complicated.

  Therefore, the present invention makes it possible to transfer execution rights without requiring a server for centralized management such as a license issuing system when transferring execution rights such as license information to another terminal. It is an object of the present invention to provide a program execution control device and a method for transferring execution right information.

In order to solve the above-described problem, the program execution control device of the present invention includes an execution right that enables execution of a program and storage means that stores execution right information including a frequency indicating the number of times of execution, and the execution right information includes In a program execution control device comprising verification means for verifying validity and a control means for performing control for starting a program based on verification by the verification means, the transfer operation and transmission destination of execution right information are input When the execution right information is transferred by the operation means and the transmission means, a predetermined number designated by the user is subtracted from the frequency information, or a predetermined number designated by the user is added to the frequency information. By encrypting the execution right information with the second arithmetic means and the numerical value subtracted or added by the second arithmetic means as the frequency, or the execution Execution right transfer information generating means for generating execution right transfer information by adding an electronic signature to information including information, and including the random number information in the execution right transfer information generated by the execution right transfer information generating means, When the frequency information reaches a predetermined reference value as a result of subtraction or addition by the transmission means for transmission to the transmission destination input by the operation means and the second calculation means, the execution right information is deleted. A second deletion unit; a first calculation unit that subtracts a predetermined number from the frequency information or adds a predetermined number to the frequency information when a program activation operation is performed in the operation unit; and the first calculation unit When the frequency information reaches a predetermined reference value as a result of calculation, the first deletion means for deleting the execution right information is provided, the storage means, and the execution right transfer information generation Stage is characterized by being configured in the tamper resistant device.

Further, the execution right information transfer method of the present invention comprises a storage means for storing execution right information that includes an execution right that enables execution of a program and a frequency indicating the number of times of execution, and execution right transfer information from the execution right information. Execution right transfer information generating means for generating, transmission means for transmitting the execution right transfer information, verification means for verifying that the execution right information is valid, execution means for controlling program execution, and operation means , A first computing means, a second computing means, a first deleting means, a second deleting means, wherein the storage means and the execution right transfer information generating means are executed in a program execution control device arranged in the tamper resistant device In the right information transfer method, the operation means accepts an execution right information transfer operation and an input of a transmission destination, and the second calculation means includes the transmission step. A second operation step of subtracting a predetermined number designated by the user from the frequency information, or adding a predetermined number designated by the user to the frequency information, The execution right transfer information generating means encrypts execution right information with the numerical value subtracted or added in the second operation step as a frequency, or adds an electronic signature to information including the execution right information, An execution right transfer information generation step for generating execution right transfer information, and the transmission means including the random number information in the execution right transfer information generated by the execution right transfer information generation step and the transmission input by the operation means As a result of the transmission step of transmitting first and the second deletion means subtracting or adding in the second calculation step, the frequency information becomes a predetermined reference value. In this case, a second deletion step of deleting the execution right information and the first calculation means subtracts a predetermined number from the frequency information when a program activation operation is performed in the operation step, or the frequency information A first calculation step of adding a predetermined number to the first calculation step, and when the frequency information reaches a predetermined reference value as a result of the calculation by the first calculation step, the execution right information is deleted. A first deleting step .

According to the present invention, information including execution right information that enables execution of a program is encrypted, or an electronic signature is added to information including execution right information, and the generated execution right transfer information is transferred to another terminal. Thus, the execution right information can be transmitted to other terminals without being centrally managed by the server or the like.
In addition, a predetermined number is added to or subtracted from the frequency information included in the execution right information every time the program is started, and when the predetermined reference value is reached, the execution right information is deleted to execute The number of times the right information can be used can be limited. Therefore, it is possible to reduce the chances of illegal duplication or falsification of execution right information.
Further, when the encrypted execution right transfer information is transmitted with respect to the frequency information included in the execution right information, a predetermined number is added or subtracted, and the execution right information is included by using the added or subtracted numerical value as the frequency. Execution to other terminals while holding execution right information at the transmission source by transmitting the generated execution right transfer information by encrypting information or adding an electronic signature to information including the execution right information The right information can be transmitted, and the execution right information can be divided. In addition, when the frequency information reaches a predetermined reference value, the execution right information can be substantially moved by deleting the execution right information.
Further, by incorporating the storage means for handling execution right information and the execution right transfer information generation means in a tamper-proof device such as an IC card, it is possible to prevent unauthorized duplication or falsification of the execution right information.

  The execution right information of the program execution control device of the present invention is preferably a hash value of the program.

  According to the present invention, the execution right information is judged by using a hash value by a known hash function such as MD5 or SHA-1, thereby preventing the execution of the program when it is falsified. Can do.

  The program execution control apparatus of the present invention also includes a receiving unit that receives execution right transfer information from another terminal, and decrypts the execution right transfer information received by the receiving unit, or converts the execution right transfer information into execution right transfer information. Execution right information generating means for generating information including execution right information by determining the validity of the added electronic signature, and the storage means is the execution right generated by the execution right information generating means. It is also preferable to store the right information.

  According to the present invention, the execution right transfer information is received and decrypted or the validity of the electronic signature is judged, and the execution right information acquired from the execution right transfer information is stored in the storage means. Thus, the execution right information can be obtained from another terminal.

  Further, the receiving means of the program execution control device of the present invention receives the execution right transfer information including the frequency, and the execution right information same as the execution right information generated by the execution right information generating means is already stored in the storage. If stored in the means, the storage means stores the execution right information obtained by adding the frequency of the execution right information received by the receiving means to the frequency of the execution right information already stored in the storage means. It is also preferable to do.

  According to the present invention, the frequency can be added by adding the frequency included in the execution right information on the receiving side and setting the added frequency as the frequency of the execution right information.

  The present invention generates and generates execution right transfer information by encrypting information including execution right information that makes a program executable, or by adding an electronic signature to information including the execution right information. By transmitting the executed right transfer information to another terminal without going through the server, the execution right information can be transmitted to the other terminal without centralized management by the server or the like.

  Embodiments of a program execution control device and a program execution control method according to the present invention will be described below with reference to the accompanying drawings. Where possible, the same parts are denoted by the same reference numerals, and redundant description is omitted.

  First, the program execution control device of this embodiment will be described. FIG. 1 is a block diagram of the program execution control device 1. The program execution control device 1 includes an information processing device 10 and an IC card 20, and the program execution control device 1 with the IC card 20 inserted into an IC card insertion slot formed in the information processing device 10. Works. The information processing apparatus 10 includes a verification unit 11 (verification unit), a control unit 12 (control unit), an application storage unit 13, and a communication unit 14. In addition, the IC card 20 includes a storage unit 21 (storage unit), a subtraction unit 22 (first calculation unit, second calculation unit, first deletion unit, and second deletion unit), transfer unit 23 (execution right transfer information generation). Means and transmitting means), and receiving unit 24 (execution right information generating means and receiving means), prohibiting illegal access from the outside, and reading the contents of the memory, This is a so-called tamper resistant device. Examples of the tamper resistant device include an IC card and a stick-shaped IC memory. The communication unit 14 and the transfer unit 23 function as a transmission unit of the present invention, and the communication unit 14 and the reception unit 24 function as a reception unit of the present invention. Each configuration will be described below.

  The verification unit 11 is a verification unit that calculates a hash value of an application program to be activated when an application program activation instruction is issued, and verifies whether the hash value is equal to a hash value stored in advance. Examples of the hash value calculation method include SHA-1 (Secure Hash Algorithm 1), which is a kind of hash function, or MD5 (Message Digest 5). The verification unit 11 verifies whether the hash value of the execution right information stored in the storage unit 21 is equal to the calculated hash value, and if a plurality of execution right information is stored in the storage unit 21, the hash value The verification process is repeated until an equal number is found. Then, the control unit 12 can determine whether or not the operation of the application program is possible based on the verification result of the verification unit 11 and further based on the subtraction result of the subtraction unit 22 described later.

  The control unit 12 functions as a control unit that activates an application stored in the application storage unit 13 based on the verification result of the verification unit 11.

  The application storage unit 13 is a memory that stores applications.

  The communication unit 14 is a connection interface that connects to a network such as a LAN or the Internet. The communication unit 14 communicates with a management server that stores an ID and an IP address in association with each other, and transmits / receives execution right information using the transfer unit 23 and the reception unit 24 of the IC card 20.

  The operation unit 15 is an operation unit for performing an input operation by a user or an instruction to start an application program, and can accept an input of an ID of the IC card 20 or an instruction to start by the user. Note that the IP address of the transmission destination can be directly input instead of the ID of the IC card 20.

  The storage unit 21 is a storage unit that stores execution right information. The execution right information is composed of a hash value generated based on the application program (the hash value calculation method includes SHA-1 and MD5 as described above) and frequency information represented by a numerical value. . The frequency information is information indicating that the execution right information is valid, and is numerical information that is subtracted by N each time the application program is executed or the execution right information is transferred ( N is an integer of 1 or more. When the frequency is less than 0, the execution right information is invalidated and the application program cannot be started.

  A conceptual diagram of this execution right information is shown in FIG. FIG. 2 is a conceptual diagram of execution right information, and is composed of a hash value generated based on an application program and frequency information. The initial value of the hash value and the frequency information is information acquired from a license server arranged on the network using the communication unit 14 of the program execution control device, and the hash value and the frequency are generated in advance by the license server. Has been. The connection with the license server is only when the initial value is acquired, and is not connected when the execution right information is transferred.

  Returning to FIG. 1, the description will be continued. The subtracting unit 22 subtracts the frequency information stored in the storage unit 21 to determine whether the frequency is greater than 0, the frequency is 0, or the frequency is less than 0.

  The subtracting unit 22 functions as a first subtracting unit and a second subtracting unit that perform a process of subtracting N from the frequency information stored in the storage unit 21. Then, it is determined whether the result obtained by subtraction is greater than 0, less than 0, or 0. When the subtraction unit 22 determines that the result obtained by subtracting the frequency information is 0 or more when the application program is activated, the subtraction unit 22 outputs a message to that effect to the verification unit 11. If it is smaller than 0, an output to that effect is output. When the verification unit 11 receives an output indicating that the value is 0 or more, the verification unit 11 starts the application program. When the subtraction unit 22 determines that the result obtained by subtraction is 0, the corresponding execution right information is deleted. Therefore, the subtraction unit 22 also functions as a first deletion unit.

  In addition, when the subtraction unit 22 determines that the result obtained by subtracting the frequency information when transferring the execution right information is 0 or more, the transfer unit 23 is instructed to transfer the execution right information. Is output. On the other hand, if it is smaller than 0, no instruction to transfer the execution right information is output. When the subtraction unit 22 determines that the result obtained by subtraction is 0, the corresponding execution right information is deleted. Therefore, the subtraction unit 22 also functions as a second deletion unit.

  The transfer unit 23 extracts the execution right information stored in the storage unit 21, encrypts the extracted execution right information to generate execution right transfer information, and transmits the generated execution right transfer information. It functions as an execution right transfer information generating means and a transmitting means. Also, instead of encryption processing or as necessary, an execution right transfer information may be generated by adding an electronic signature to the execution right information, and the generated execution right transfer information may be transmitted to a transmission destination. it can. The execution right transfer information may include other information such as random number information for preventing replay attack in addition to the execution right information for executing the application.

  Here, a conceptual diagram of the execution right transfer information will be described. FIG. 3 is a conceptual diagram of execution right transfer information. As shown in FIG. 3, the execution right transfer information is execution right information encrypted (or added with an electronic signature). The execution right transfer information is information encrypted using an encryption key shared with the receiving side so that it can be decrypted by the receiving side (other terminals arranged on the network). Instead of encrypting using a shared encryption key, encryption may be performed using a secret key, and the secret key may be notified to the receiving side using a Diffie-Hellman key exchange method.

  The receiving unit 24 generates execution right information by decrypting and receiving execution right transfer information that is encrypted execution right information from another program execution control device connected via the communication unit 14. Thus, it functions as an execution right information generation unit and a reception unit. Further, when an electronic signature is received from a source of execution right information, it can be analyzed to determine its validity. The receiving unit 24 decrypts the received execution right transfer information using an encryption key shared with the program execution control device on the transmission side, and acquires execution right information. The receiving unit 24 registers the acquired execution right information in the storage unit 21. When the execution right information to which the electronic signature is added is acquired, the received execution right information is registered in the storage unit 21 after confirming the validity of the electronic signature. The receiving unit 24 may be configured to perform the following processing when registering execution right information in the storage unit 21.

  The receiving unit 24 determines whether or not execution right information (part of execution right information other than frequency) equal to the decrypted execution right information is already stored in the storage unit. Specifically, the presence / absence of execution right information having the same hash value is determined. If the execution right information having the same hash value exists, the receiving unit 24 extracts the frequency of the received execution right information, and adds the extracted frequency to the frequency of the execution right information already stored in the storage unit. . The execution right information obtained by the addition is stored. Thus, the frequency of execution right information can be added.

  The other program execution control devices have the same configuration as the above-described program execution control device, and thus description thereof is omitted.

  Next, the operation of the program execution control device 1 will be described. First, processing when an application is activated and operated using the execution right information stored in the IC card 20 will be described. FIG. 4 is a flowchart showing processing when starting an application using execution right information.

  First, an activation operation of an application program stored in the application storage unit 13 is performed by a user operation (S101). Then, the hash value of the application program is calculated by the verification unit 11 (S102). Next, the verification unit 11 compares the calculated hash value with the hash value of the execution right information stored in the IC card 20 (S103). When the verification unit 11 determines that the calculated hash value matches the hash value of the execution right information stored in the IC card 20 (S104), the subtraction unit 22 stores the stored hash value in the storage unit 21. N is subtracted from the existing frequency information. Here, N is 1, but N may be a numerical value of 2 or more. If the hash values do not match in S104, the process ends.

  The subtraction unit 22 determines whether the subtraction (frequency information-N) is greater than 0, less than 0, or 0 (S106). Here, when it is determined that (frequency information−N) <0, it is determined that the frequency for executing the application program is insufficient, and the process ends without starting the application program. Here, the execution right information is not deleted. This is because when the above-mentioned N is 2 or more, at least one frequency may remain, and the execution right information can be substantially made effective by adding only the frequency later. It is.

  If it is determined that (frequency information−N)> 0, a numerical value obtained by subtraction is set as frequency information (S107). This is because the next time the application is started, a determination is made based on the frequency information replaced with the numerical value obtained by subtraction. After the frequency information is set to a numerical value obtained by subtraction, the program is started (S109).

  If it is determined that (frequency information−N) = 0, the execution right information is deleted (S108). Unlike the case where the frequency remains, the execution right information is deleted together with the frequency information. This is because, unlike the case where the frequency remains, when re-registering all of the execution right information, there is no change in the re-registration process. It is also possible to control so that only the frequency information is subtracted to 0 and the execution right information is not deleted. When the execution right information is deleted, the program is started (S109).

  In this way, by determining the execution right information, it is possible to determine whether or not the application can be activated.

  Next, the operation when transferring execution right information to another program execution control device will be described. FIG. 5 is a flowchart showing the processing of the program execution control device 1 when it is transferred to another program execution control device.

  First, execution rights information is transferred by the user (S201). Here, the transmission destination is specified by inputting the ID of the IC card of another program execution control apparatus as the transmission destination by the user. The input ID is transmitted to the management server arranged in the network by the communication unit 14, and the management server extracts and returns an IP address corresponding to the received ID. By receiving this reply, the communication unit 14 can acquire the IP address of the transmission destination by the program execution control device of this embodiment.

  In the management server that stores the correspondence between the ID and the IP address, the ID and the IP address are registered in advance in association with the operation of the user holding the IC card. Specifically, when the IC card is inserted into the program execution control device, the program execution control device detects this, reads the ID of the IC card, and communicates the read ID with the IP address of the program execution control device. Register to the management server using the unit 14. Note that the IP address may be directly input without performing such processing. In addition to inputting the transmission destination, the user may input the frequency of the execution right information. Thereby, the user can input a value according to his / her intention, and can transfer all of the execution right information.

  When the operation by the user is performed and the IP address of the transmission destination is acquired, the IP address is output to the transfer unit 23, and the control unit 12 instructs the transfer unit 23 to that effect (S202). Receiving this instruction, the transfer unit 23 instructs the subtraction unit 22 to perform a frequency subtraction process (S203). Then, the subtraction unit 22 calculates (frequency information-N) (S204). Here, N can take a numerical value of 1 or more, but a large value can be input as N by the user's operation, and substantially all of the execution right is transferred or the execution right is divided. be able to.

  If (frequency information−N) <0 by this arithmetic expression (S205), the process is terminated without performing the execution right information transfer process. If (frequency information-N)> 0 (S205), the transfer unit 23 encrypts the execution right information with the frequency information set to N using the shared encryption key, thereby transferring the execution right. Information is generated (S206). Then, the transfer unit 23 transmits the execution right transfer information to another program execution control device connected via the communication unit 14 (S209). After the transmission, the storage unit 21 stores the new frequency information as execution right information, with the numerical value obtained by (frequency information−N) as new frequency information. Then, new frequency information is used at the time of the next execution right information transfer process or program start process, and the determination is made based on this frequency information.

  If (frequency information−N) = 0 (S205), the transfer unit 23 encrypts the execution right information with the frequency of the execution right information as N (or adds an electronic signature to the execution right information). The execution right transfer information is generated (S207). Then, the execution right information is deleted from the storage unit 21 by the subtraction unit 22 (S208). After the deletion, the transfer unit 23 transmits the execution right transfer information to another program execution control device connected via the communication unit 14 (S209). Unlike the above, the post-transmission processing ends without executing anything because the execution right information has been deleted.

  The other program execution control device on the receiving side receives the execution right transfer information without going through the server (S301). The received execution right transfer information is decrypted based on the shared encryption key to generate execution right information (S302). Then, the generated execution right information is stored in a predetermined storage unit of the IC card in another program execution control device (S303). The following processing may be performed when storing in the storage unit.

  The receiving IC card determines whether or not execution right information (part of execution right information other than the frequency) equal to the decrypted execution right information is already stored in the storage unit. Specifically, the presence / absence of execution right information having the same hash value is determined. If execution right information having the same hash value exists, the frequency of the received execution right information is extracted, and the extracted frequency is added to the frequency of the execution right information already stored in the storage unit. The execution right information obtained by the addition is stored. Thus, the frequency of execution right information can be added.

  In this way, execution right information is encrypted using a shared encryption key when transported, and can be received by the receiving side after decrypting using the shared encryption key. The right information can be safely transferred to another device while ensuring the identity without being falsified. Similarly, the execution right information to which the electronic signature is added can be safely transferred to another apparatus while ensuring the identity.

  When transferring execution right information, in addition to the above-described encryption method, as described in Japanese Patent Laid-Open No. 2001-143209, a method of converting the entire data into a hash value using a hash function and transmitting it is adopted. can do.

  In addition, the program execution control device 1 performs a process of subtracting N from the frequency information every time the program is started or each time the execution right information is transferred, as the frequency information is given by the license server. However, it is not limited to this, the frequency is set to 0 as an initial value, and M is added to the frequency information every time the program is started or the execution right information is transferred, and the predetermined number is reached. Sometimes, the program is executed, execution right information can be transferred, and the execution right information may be deleted when the frequency obtained by adding M reaches a predetermined value.

  Next, the effect of the program execution control apparatus 1 of this embodiment is demonstrated. The program execution control apparatus 1 according to the present embodiment is generated by encrypting information including execution right information that enables execution of a program, or by adding an electronic signature to information including execution right information. By transmitting the execution right transfer information to other program execution control devices without going through the server, the execution right information can be sent to other terminals without being centrally managed by the server or the like.

  In addition, the program execution control apparatus 1 according to the present embodiment prevents unauthorized duplication or falsification of execution right information by incorporating the storage unit 21 and the transfer unit 23 that handle execution right information into a tamper-resistant device such as an IC card. be able to. In addition, the receiving unit 24 can be incorporated into the tamper resistant device.

  In addition, the program execution control device 1 according to the present embodiment makes it possible to determine the legitimacy of the execution right information by using a hash value by a known hash function such as MD5 or SHA-1, so that when the program is tampered with, Execution can be prevented in advance.

  In addition, the program execution control device 1 according to the present embodiment subtracts a predetermined number from the frequency information included in the execution right information every time the program is started by the subtracting unit 22, and sets the predetermined reference value. When it reaches, the number of times the execution right information can be used can be made finite by deleting the execution right information. As a result, the chances of unauthorized duplication or falsification of execution right information can be reduced. Note that addition may be performed instead of subtraction.

  Further, the program execution control apparatus 1 according to the present embodiment allows the subtraction unit 22 to execute the execution right transfer information that is encrypted or has an electronic signature added to the frequency information included in the execution right information. The predetermined number is subtracted, and the information including the execution right information is encrypted by the transport unit 24 using the subtracted numerical value as the frequency, or the information including the execution right information is added to the information, and the encrypted or electronic By transmitting the execution right transfer information to which the signature is added, the execution right information can be transmitted to another terminal while holding the execution right information at the transmission source, and the execution right information can be divided. In addition, when the frequency information reaches a predetermined reference value, the execution right information can be substantially moved by deleting the execution right information. Note that addition may be performed instead of subtraction.

  In addition, the program execution control apparatus 1 of the present embodiment receives the execution right transfer information by the receiving unit 24, decrypts the information or determines the validity of the electronic signature, and stores the execution right information in the storage unit 21. , The execution right information can be obtained from another terminal.

  Further, the program execution control apparatus 1 of the present embodiment adds the frequency by adding the frequency included in the execution right information by the receiving unit 24 on the receiving side, and setting the added frequency as the frequency of the execution right information. be able to.

It is a block block diagram of a program execution control apparatus. It is a conceptual diagram of execution right information. It is a conceptual diagram of execution right transfer information. It is a flowchart which shows a process when starting an application using execution right information. It is a flowchart which shows the process of a program execution control apparatus when transferring to another program execution control apparatus.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 ... Program execution control apparatus, 10 ... Information processing apparatus, 11 ... Verification part, 12 ... Control part, 13 ... Application storage part, 14 ... Communication part, 20 ... Card, 21 ... storage unit, 22 ... subtraction unit, 23 ... transfer unit, 24 ... receiving unit.

Claims (5)

  1. A storage unit that stores execution right information including an execution right that enables execution of the program and a frequency indicating the number of times of execution; a verification unit that verifies that the execution right information is valid; and the verification unit In a program execution control device comprising control means for performing control for starting a program based on verification,
    An operation means for inputting the execution right information transfer operation and the destination, and
    A second computing means for subtracting a predetermined number designated by the user from the frequency information or adding a predetermined number designated by the user to the frequency information when the transmission means performs a transfer operation of the execution right information; ,
    The execution right transfer information is generated by encrypting the execution right information with the numerical value subtracted or added by the second calculation means as the frequency, or by adding an electronic signature to the information including the execution right information. Right transfer information generating means;
    A transmission unit that includes random number information in the execution right transfer information generated by the execution right transfer information generation unit, and transmits the random number information to the transmission destination input by the operation unit;
    As a result of the subtraction or addition by the second calculation means, when the frequency information reaches a predetermined reference value, a second deletion means for deleting the execution right information;
    A first calculation means for subtracting a predetermined number from the frequency information or adding a predetermined number to the frequency information when a program activation operation is performed in the operation means;
    When the frequency information reaches a predetermined reference value as a result of calculation by the first calculation means, first deletion means for deleting the execution right information;
    Prepared,
    The program execution control apparatus , wherein the storage means and the execution right transfer information generation means are configured in a tamper resistant apparatus.
  2. The program execution control apparatus according to claim 1 , wherein the execution right information is a hash value of the program.
  3. Receiving means for receiving execution right transfer information from another terminal;
    Execution right information for generating information including execution right information by decrypting the execution right transfer information received by the receiving means or judging the validity of the electronic signature added to the execution right transfer information And generating means,
    The program execution control apparatus according to claim 1, wherein the storage unit stores the execution right information generated by the execution right information generation unit.
  4. The receiving means receives execution right transfer information including frequency,
    When the same execution right information as the execution right information generated by the execution right information generation unit is already stored in the storage unit, the reception unit is set to the frequency of the execution right information already stored in the storage unit. 4. The program execution control apparatus according to claim 3, wherein the storage unit stores execution right information obtained by adding the frequency of the execution right information received by the storage unit.
  5. Storage means for storing execution right information enabling execution of a program and frequency indicating the number of times of execution, execution right transfer information generating means for generating execution right transfer information from the execution right information, execution right transfer Transmission means for transmitting information, verification means for verifying that the execution right information is valid, execution means for controlling execution of the program, operation means, first calculation means, second calculation means, first A deletion means, a second deletion means, wherein the storage means and the execution right transfer information generation means are a method of transferring execution right information in a program execution control device arranged in a tamper resistant apparatus,
    An operation step in which the operation means receives an execution right information transfer operation and a destination input;
    When the execution right information is transferred in the transmission step, the second calculation means subtracts a predetermined number designated by the user from the frequency information, or adds a predetermined number designated by the user to the frequency information. A second computing step to add;
    The execution right transfer information generating means encrypts execution right information with the numerical value subtracted or added in the second operation step as a frequency, or adds an electronic signature to information including the execution right information. An execution right transfer information generation step for generating execution right transfer information;
    A transmission step in which the transmission means includes random number information in the execution right transfer information generated by the execution right transfer information generation step and transmits the random number information to the transmission destination input by the operation means;
    A second deletion step of deleting the execution right information when the frequency information reaches a predetermined reference value as a result of the subtraction or addition by the second calculation step,
    A first calculation step in which the first calculation means subtracts a predetermined number from the frequency information or adds a predetermined number to the frequency information when a program activation operation is performed in the operation step;
    A first deletion step of deleting the execution right information when the frequency information reaches a predetermined reference value as a result of the first deletion means being calculated by the first calculation step;
    A method for transferring execution right information.
JP2004229844A 2004-08-05 2004-08-05 Program execution control device and execution right information transfer method Active JP4545517B2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2004229844A JP4545517B2 (en) 2004-08-05 2004-08-05 Program execution control device and execution right information transfer method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2004229844A JP4545517B2 (en) 2004-08-05 2004-08-05 Program execution control device and execution right information transfer method

Publications (2)

Publication Number Publication Date
JP2006048446A JP2006048446A (en) 2006-02-16
JP4545517B2 true JP4545517B2 (en) 2010-09-15

Family

ID=36026919

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2004229844A Active JP4545517B2 (en) 2004-08-05 2004-08-05 Program execution control device and execution right information transfer method

Country Status (1)

Country Link
JP (1) JP4545517B2 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5773494B2 (en) * 2011-12-05 2015-09-02 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation Information processing apparatus, control method, and program

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0997175A (en) * 1995-10-02 1997-04-08 Matsushita Electric Ind Co Ltd Software use control method
JPH11203128A (en) * 1998-01-09 1999-07-30 Canon Inc Digital software distribution system, terminal and recording medium
JP2003022143A (en) * 2001-07-09 2003-01-24 Yokogawa Electric Corp Accounting method for software
JP2003058510A (en) * 2001-08-15 2003-02-28 Fujitsu Ltd Method and system for transmitting and distributing license in online environment
JP2003174446A (en) * 2001-12-05 2003-06-20 Canon Inc Method for authenticating license of software

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0997175A (en) * 1995-10-02 1997-04-08 Matsushita Electric Ind Co Ltd Software use control method
JPH11203128A (en) * 1998-01-09 1999-07-30 Canon Inc Digital software distribution system, terminal and recording medium
JP2003022143A (en) * 2001-07-09 2003-01-24 Yokogawa Electric Corp Accounting method for software
JP2003058510A (en) * 2001-08-15 2003-02-28 Fujitsu Ltd Method and system for transmitting and distributing license in online environment
JP2003174446A (en) * 2001-12-05 2003-06-20 Canon Inc Method for authenticating license of software

Also Published As

Publication number Publication date
JP2006048446A (en) 2006-02-16

Similar Documents

Publication Publication Date Title
JP4689945B2 (en) Resource access method
US6895502B1 (en) Method and system for securely displaying and confirming request to perform operation on host computer
CN100354786C (en) Open type general-purpose attack-resistant CPU and application system thereof
CA2554300C (en) System and method for encrypted smart card pin entry
US5568552A (en) Method for providing a roving software license from one node to another node
CN103460195B (en) System and method for security software updates
US7747531B2 (en) Method and system for delivery of secure software license information
KR100236697B1 (en) Software copying system
JP4564243B2 (en) Method and apparatus for base cryptographic service provider (CSP)
US6782477B2 (en) Method and system for using tamperproof hardware to provide copy protection and online security
US7545931B2 (en) Protection of application secrets
US7844819B2 (en) Application authentication system
JP4460763B2 (en) Encryption key generation method using biometric data
JP4906854B2 (en) Information processing apparatus, information recording apparatus, information processing system, program update method, program, and integrated circuit
EP1680724B1 (en) Program execution device
US20070136599A1 (en) Information processing apparatus and control method thereof
US20100174919A1 (en) Program execution apparatus, control method, control program, and integrated circuit
DE60130172T2 (en) A secure and open computer platform
JP5611768B2 (en) Inclusive verification of platform to data center
US8549606B2 (en) Device for protecting digital content, device for processing protected digital content, method for protecting digital content, method for processing protected digital content, storage medium storing program for protecting digital content, and storage medium storing program for processing protected digital content
US7270193B2 (en) Method and system for distributing programs using tamper resistant processor
EP0881559B1 (en) Computer system for protecting software and a method for protecting software
US8918633B2 (en) Information processing device, information processing system, and program
JPWO2004109972A1 (en) User terminal for license reception
US6516413B1 (en) Apparatus and method for user authentication

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20070405

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20100218

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100302

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100430

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100525

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20100609

RD03 Notification of appointment of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7423

Effective date: 20100609

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20100629

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20100630

R150 Certificate of patent or registration of utility model

Free format text: JAPANESE INTERMEDIATE CODE: R150

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20130709

Year of fee payment: 3

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250