KR101738604B1 - System and method for preventing illegal use of library - Google Patents

System and method for preventing illegal use of library Download PDF

Info

Publication number
KR101738604B1
KR101738604B1 KR1020150184163A KR20150184163A KR101738604B1 KR 101738604 B1 KR101738604 B1 KR 101738604B1 KR 1020150184163 A KR1020150184163 A KR 1020150184163A KR 20150184163 A KR20150184163 A KR 20150184163A KR 101738604 B1 KR101738604 B1 KR 101738604B1
Authority
KR
South Korea
Prior art keywords
information
module
application program
library
verification
Prior art date
Application number
KR1020150184163A
Other languages
Korean (ko)
Inventor
강호갑
김태현
Original Assignee
주식회사 디알엠인사이드
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 디알엠인사이드 filed Critical 주식회사 디알엠인사이드
Priority to KR1020150184163A priority Critical patent/KR101738604B1/en
Application granted granted Critical
Publication of KR101738604B1 publication Critical patent/KR101738604B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Abstract

The present invention relates to a system and method for preventing illegal use of a library, and more particularly, to a system and method for preventing unauthorized use of a library by verifying a usage right of a unique library for an application program generated by using a unique library, The present invention relates to a system and method for preventing unauthorized use of a library that can prevent an application program illegally using a unique library by determining whether an application program is executed based on the verified information.

Description

System and method for preventing illegal use of library [0002]

The present invention relates to a system and method for preventing illegal use of a library, and more particularly, to a system and method for preventing unauthorized use of a library by verifying a usage right of a unique library for an application program generated by using a unique library, The present invention relates to a system and method for preventing unauthorized use of a library that can prevent an application program illegally using a unique library by determining whether an application program is executed based on the verified information.

Various Software Development Kit (SDK) modules are provided to support a variety of application programs generated by development tools by extending unique libraries that are not provided by specific development tools for application development. Can develop a wider variety of applications by using the unique libraries provided by these SDK modules.

However, due to the unauthorized duplication of the SDK module developed by the provider of the SDK module and the unauthorized use of the unique library provided by the SDK module, the supplier's efforts are not properly compensated. Causing a great deal of industrial damage.

Therefore, countermeasures against illegal copying of such SDK modules are urgently required.

In order to solve this problem, various methods such as serial number use, password use, genuine validation through a network when a program is executed, and the like exist as a method for preventing illegal copying of the SDK module.

However, these methods have the following problems.

First, in case of installing the SDK module in the user terminal, it is impossible to prevent the redistribution when the serial number and the password are inputted and the serial number and the password are leaked.

Also, it is possible to limit the number of available PCs of the SDK module to a specific number through a method of issuing licenses based on PC information or real-time checking using a network so that the SDK module can be operated only on a specific PC through a network The method of issuing the license information is troublesome because it is required to receive the information of the specific PC first. In addition, there is a problem that the control is difficult when the network is not connected to the network. In addition, There is a disadvantage that the SDK module can not be used.

Therefore, it is necessary to develop a method that enables the SDK module to be used only within a predetermined range and newly developed application program can be distributed through the corresponding SDK module while minimizing the inconvenience of the user who uses the SDK module, It is required to develop a system that can control the distribution of a new application program developed using the program.

Korean Patent No. 10-0973333

In the application development stage using the SDK module, which is a set of unique libraries requiring restriction on illegal use, the present invention permits free use but performs automatic verification upon invocation of a unique library constituting the SDK module according to the execution of the application program The purpose of this module is to effectively prevent unauthorized use of the unique library provided by the SDK module by judging whether the license is legitimately licensed for use.

In addition, the present invention automatically verifies the usage right of a unique library when an application program is executed, and when the verification fails, execution of the application program is disabled so that the verification procedure is performed automatically, The purpose is to block the application software developed by illegally using the unique library.

An illegal use prevention system of a library according to an exemplary embodiment of the present invention includes an SDK (Software Development Kit) module configured in a user terminal and providing a unique library applied to an application program, an application And generating hash information for the application program when the application program is created using the inherent library and generating module validation request information including the hash information, And a module validation service providing device for generating module validation information based on the hash information when receiving the module validation request information from the user terminal and transmitting the generated module validation information to the user terminal, Library is applied The unique library is executed at the time of execution of the generated application program to generate verification object information based on the hash information of the application program and then compared with the previously stored module verification information, And determining whether to execute the program.

In one embodiment of the present invention, the verification client module requests authentication information for a user through the user terminal when generating an application program to which the unique library is applied in the user terminal, receives authentication information according to user input, The module verification service providing device transmits module verification request information including the authentication information and the hash information to the module verification service providing device, and the module verification service providing device compares authentication information included in the module verification request information with previously registered user information And generating and transmitting the module verification information when the user is authenticated.

In one embodiment of the present invention, the module verification service providing apparatus encrypts and transmits the module verification information so that the module verification information can be decrypted through the unique library when the application program is executed.

As an example related to the present invention, the module verification information may include information on an issuance date, an issuance target user, an application program name, hash information for an application program, and validity period.

The inherent library called according to the execution of the application program checks an expiration period according to the module verification information and blocks the execution of the application program when a valid period expires. can do.

As an example related to the present invention, if the module verification information does not exist in the terminal in which the application program is executed, or the verification target information and the module verification information do not coincide with each other And the execution of the application program is interrupted upon occurrence.

As an example related to the present invention, the verification client module may automatically generate the module verification request information upon creation of an executable file upon completion of compiling the application program by the development module and transmit the module verification request information to the module verification service providing apparatus .

In an embodiment of the present invention, the module verification service providing apparatus may be configured to communicate with the user terminal through a network, or may be configured in the user terminal or locally connected to the user terminal.

In one embodiment of the present invention, the module verification service providing device includes digital signature information previously registered in association with a user terminal in the module verification information, and when the verification of the digital signature information is failed by the inherent library, Thereby preventing the program from being executed.

As an example related to the present invention, the module validation library may be configured such that when an executable file for executing the application program is changed so that the verification target information and the module verification information for the executable file do not coincide with each other, And the like.

A method for preventing unauthorized use of a library according to an exemplary embodiment of the present invention includes: generating an application program using a unique library provided by a software development module (SDK) module at a user terminal; Generating hash information for the application program when generating the program and transmitting module validation request information including the hash information, receiving module validation request information from the user terminal in the module validation service providing apparatus, Generating the module verification information based on the hash information and transmitting the generated module verification information to the user terminal, and executing the inherent library according to execution of the application program in the terminal where the application program generated by applying the inherent library is executed, Application to By mutually comparison with the group information stored in the verification module then generates a hash information verification target information based it can include determining a subsequent running of the application program according to the match.

The present invention provides module validation information for a usage right of a unique library when an application program developed using an SDK module, which is a set of unique libraries requiring usage rights, is generated in association with a corresponding application program, The validation of the usage rights of the inherent library is performed by referring to the module validation information by the inherent library automatically applied to the application program so that the execution of the illegal application program failed in verification is automatically blocked, The use of proprietary libraries is only possible for users who have a legitimate contract with the provider and the use of the proprietary library, so that it is possible to effectively control the use of the proprietary library. At the same time you can omit the effect that can be resolved concerns the information required to authenticate a user is exposed to the outside.

In addition, even when an illegal application program is illegally used by unauthorized copying of a unique library provided by the SDK module, a unique library executed according to the execution of the illegal application program can be verified It is possible to block the entire operation of the illegal application program by blocking the execution of the illegal application program when the verification fails and to prevent the validation process according to the execution of the inherent library necessary for the operation process of the illegal application program, It is possible to effectively prevent unauthorized use of the library.

In addition, since the module verification information for verifying the usage right of the inherent library according to the present invention is issued as information dependent on an individual application program and is encrypted, it can not be duplicated and used. To drive the application program through the module verification service, It is necessary to receive the module verification information that is dependent on the application program, so that the verification of the unique library of the application program is necessarily performed, so that the use of the unique library can be effectively controlled.

In addition, according to the present invention, an application program using a general-purpose library other than the inherent library can be automatically omitted because the verification process is omitted automatically. In order to allow the application program to be conveniently operated, It is possible to eliminate the troublesomeness required to connect and greatly improve user convenience.

In addition, even when an illegal application program generated by duplicating only the unique library included in the SDK module is distributed, the verification fails in the verification process by the unique library, and the execution of the illegal application program is automatically blocked. It is possible to block the distribution of illegal application programs by blocking the illegal application programs from being used.

In addition, the present invention has the effect of preventing unauthorized modification of an application program by supporting the unauthorized modification of the application program by unauthorized modification in the same manner as hacking.

1 is a configuration diagram of an illegal use prevention system of a library according to an embodiment of the present invention;
2 is a block diagram of an operation for issuing module verification information in a system for preventing illegal use of a library according to an embodiment of the present invention.
3 is a flowchart illustrating an operation of issuing module verification information in a method of preventing illegal use of a library according to an embodiment of the present invention.
4 is a diagram illustrating a configuration of module verification information according to an embodiment of the present invention;
5 is a block diagram of an operation for blocking the execution of an illegal application program according to the execution of a unique library in an illegal use prevention system of a library according to an embodiment of the present invention.
FIG. 6 is a flowchart illustrating an operation for blocking execution of an illegal application program according to execution of a unique library among illegal use prevention methods of a library according to an embodiment of the present invention; FIG.

Hereinafter, detailed embodiments of the present invention will be described with reference to the drawings.

FIG. 1 is a block diagram of a illegal use prevention system of a library according to an embodiment of the present invention. As shown in FIG. 1, a user terminal including a development module 120 for providing an integrated development environment for developing an application program 100 and a module verification service providing apparatus 200 communicating with the user terminal 100 through a communication network.

At this time, the module verification service providing apparatus 200 may be configured as a server, and various widely known wired / wireless communication methods may be applied to the communication network.

In addition, the development module 120 may provide a commercial library to be applied to an application program, and may provide a development tool for generating an application program such as a compiler, a debugger, and the like to generate an executable file for the application program.

The user terminal 100 may include an SDK (not shown) for providing a unique library having a unique function that is not supported through the commercial library in order to expand and diversify functions for an application program generated through the development module 120 Software Development Kit < / RTI >

Accordingly, the development module 120 may add various additional functions to the application program by using a unique library supported by the SDK module 110 when the application program is created.

However, when a user who does not have the right to use the inherent library makes an unauthorized copy of the inherent library provided by the SDK module 110 and uses the inherent library in the development of the application program, the rights of the creator of the inherent library are infringed. Configuration is required.

To this end, when the application program is configured through the development module 120, the hash information for the application program is generated and transmitted to the module verification service providing device 200 And a verification client module 130 for requesting issuance of module verification information (license information) on the usage rights of the unique library applied to the application program.

Accordingly, the module verification service providing apparatus 200 generates module verification information based on the hash information of the application program in response to the issuance request for the module verification information from the verification client module 130, To the client module 130, and the verification client module 130 may receive the module verification information and store the module verification information in the user terminal 100.

The unique library includes a module validation library for determining whether a unique library provided by the SDK module 110 exists or not. When the user terminal 100 executes an application program to which the unique library is applied, In the case of calling the inherent library provided by the SDK module 110 during execution of the application program, the module validation library is executed prior to execution according to the inherent library, so that the module validation library And generates verification information based on the hash information and compares it with the module verification information stored by the verification client module 130. When the verification target information and the module verification information match each other, Privileged And the application program based on the inherent library can be executed.

If the hash information of the application program according to the verification object information does not match the hash information according to the module verification information or the module verification information is not in the user terminal 100, Interruption).

The SDK module 110, the verification client module 130, and the development module 120 may be configured in a program form and stored or installed in the storage unit of the user terminal 100, The control module configured in the control module 100 loads the SDK module 110, the verification client module 130 and the development module 120 from the storage unit so that the control module controls the SDK module 110, the verification client module 130, And may be configured to perform functions provided by the development module 120.

In this case, the storage unit may include a storage unit such as a memory, and the control unit may include a CPU, a GPU, and a bus that perform the above-described configuration using programs and data stored in the storage unit, Can load the SDK module 110, the verification client module 130, and the development module 120 based on an O / S (Operating System) stored in the storage unit to perform various operations.

It should be noted that the SDK module 110, the verification client module 130, and the development module 120 may be all or part of a single module.

A user who is not authorized to use the unique library provided by the SDK module 110 replicates only the unique library provided by the SDK module 110 and configures the unique library in the user terminal 100, When the illegal application program using the inherent library provided by the SDK module 110 is generated and executed without permission through the unauthorized application program, the module verification information for the illegal application program is not generated. Therefore, The module validation library included in the inherent library is executed according to the above description to block the subsequent execution of the illegal application program, thereby preventing illegal use of the inherent library.

Also, even when another user copies an application program and module validation information developed by a user who has the right to use a unique library without permission and changes the application program to another user terminal without any permission, the program is generated The verification target information and the module verification information according to one hash information do not coincide with each other, thereby blocking execution of the unauthorized application program by another user.

In addition, according to the present invention, when an application program using only a commercial library supported by the development module 120 is executed rather than a native library, verification of the inherent library is not performed, thereby minimizing inconvenience to the user.

Detailed operation of the illegal use prevention system of the library according to the embodiment of the present invention will be described in detail with reference to the drawings.

2 is an operational block diagram of a library illegal use prevention system, and FIG. 3 is a flowchart showing the operational block diagram.

Referring to FIGS. 2 and 3, the development module 120, which is linked to the SDK module 110 provided in the user terminal 100 and provides a unique library applied to the application program, An application program can be created using not only the commercial library supported by the development module 120 but also the inherent library provided by the SDK module 110. [

Meanwhile, the verification client module 130 generates hash information for the executable file when the executable file for the application program is generated in cooperation with the development module 120, and generates module verification request information including the hash information To the module verification service providing apparatus 200 through a communication network.

At this time, the verification client module 130 may be configured to automatically generate module verification request information after completing the compilation in the development module 120, and to request the module verification service providing device 200 to generate the module verification request information.

The verification client module 130 requests user authentication information including an ID and a password registered in the module verification service providing apparatus 200 through the user terminal 100 when the application program is generated, The user authentication information may be generated according to the user input through the communication module 100 and included in the module verification request information.

At this time, the verification client module 130 may generate the user authentication information, which is previously stored in the verification client module 130, as the unique authentication information.

On the other hand, when receiving the module verification request information through the communication network, the module verification service providing apparatus 200 may transmit an application program using a unique library provided by the SDK module 110 based on the hash information included in the module verification request information (Issuing) module verification information for verifying the usage right of the user terminal 100 and transmitting the module verification information to the verification client module 130 of the user terminal 100 (S1).

If the module verification request information includes the user authentication information, the module verification service providing apparatus 200 authenticates the user by comparing the user authentication information with the previously registered user information (S2). If the module verification request information includes the user authentication information, And transmits the generated verification information to the verification client module 130 of the user terminal 100.

Accordingly, the module verification service providing apparatus 200 provides the module verification information only to the user who has the authority to use the unique library provided by the SDK module 110, thereby preventing unauthorized use of the unique library of the illegal user .

The module verification service providing apparatus 200 determines whether the use condition is valid based on the contract information on the use contract of the unique library included in the user information of the authenticated user upon receipt of the module verification request information, The module verification information may be generated (S3).

For example, the module verification service providing apparatus 200 stores information on a use range of a unique library contracted with the user, a validity period of use, and the like as contract information, and upon receipt of the module verification request information, It may not generate the module verification information if it exceeds the usage range (e.g., IP bandwidth, etc.) or out of the usage validity period. Accordingly, the module verification service providing apparatus 200 can effectively control the distribution of the module verification information even when the user authentication information is leaked.

4, when the module verification information is generated, the module verification service providing apparatus 200 can add user information including the contract information to the module verification information. In addition, It is needless to say that the user, application program name, hash information about the application program, and the like may be added to the module verification information.

In addition, the module verification service providing apparatus 200 may encrypt the module verification information (S4) and transmit the encrypted module verification information to the verification client module 130 of the user terminal 100 (S5) The module verification information may be encrypted so that the encrypted module verification information can be decrypted with a key derivable from the module verification library included in the unique library.

The module verification service providing apparatus 200 further inserts the digital signature information included in the user information into the module verification information so as to determine whether the module verification information is forged or not, can do.

Meanwhile, the verification client module 130 may receive the module verification information and store the module verification information in the user terminal 100.

When a unique library is invoked according to execution of an application program in the user terminal 100, a module verification library included in the inherent library is executed, and an application program running on the basis of the module verification information It is possible to determine whether the application program is executed subsequently or not according to the determination result.

The user terminal 100 may generate distribution information including the application program and the module verification information and distribute the distribution information to the other user terminal 101. In addition, It is determined whether the module verification library included in the inherent library at the time of calling the inherent library is an application program generated using the legitimate SDK module 110 based on the module verification information, ) May determine whether to execute the application subsequently.

Based on the above-described configuration, the use of the inherent library can be restricted through verification of the usage rights of the SDK module 110 upon the invocation of the inherent library when the application program is executed. .

FIG. 5 is an operational block diagram of a module verification process according to execution of an application program to which a unique library is applied, and FIG. 6 is an operation flowchart of a module verification process according to execution of an application program to which a unique library is applied.

As shown in the figure, the application program is executed in a terminal (user terminal 100 or another user terminal 101) in which the application program is stored (S11), and the application program is provided by the SDK module 110 The module verification library included in the inherent library may be executed together (S12).

Then, the module validation library generates hash information for the application program being executed according to execution of the module validation library, and then verifies an application program to which the unique library of the SDK module 110 is applied based on the hash information (S16), and the verification target information can be compared with the module verification information stored in the terminal (S17).

In this case, the module verification library can determine whether the module verification information exists in the terminal before the generation of the verification object information. If the module verification information does not exist, the module library of the SDK module 110, It is determined that the application program has been applied and the subsequent execution of the application program can be blocked (S13).

The module validation library may determine whether the module validation information is forged based on the digital signature information included in the module validation information when the module validation information exists, It can be determined that the verification has failed and the subsequent execution of the application program can be blocked (S14).

On the other hand, if the digital signature is valid and the module verification information is in an encrypted state, the module verification library generates a decryption key for decrypting the encrypted module verification information and decrypts the encrypted module verification information based on the decryption key (S15).

In this case, the digital signature and the decryption process may be omitted during execution of the module verification library.

Meanwhile, the module verification library can compare the hash information included in the verification object information and the module verification information with each other to determine whether they match (S18). If they match, the module library verification authority It is determined that the application program is a verified application program and the application program can be subsequently executed by the specific library (S19).

At this time, if a result value according to the judgment of the module verification library is derived, the subsequent execution of the inherent library may be automatically determined by referring to the result value.

As described above, according to the present invention, when an application program developed using the SDK module 110, which is a set of unique libraries requiring usage rights, is generated, the module verification information according to the use of the SDK module 110 of the application program is automatically And the verification with reference to the module verification information is automatically performed by the inherent library applied to the application program in the course of execution of the application program so that the illegal application program that failed the verification is automatically blocked by execution of the inherent library It is possible to control the use of the unique library only for the user who has contracted legally with the provider for producing and distributing the inherent library and the use of the inherent library so that the user must be authenticated each time the SDK module 110 is used Omit the cumbersome process There is an effect that it is possible to solve the concern that information necessary for user authentication is exposed to the outside.

The present invention is also applicable to a case where a unique library provided by the SDK module 110 is copied without permission and an illegal application program is illegally used, It is possible to block the entire operation of the illegal application program by blocking its execution when the verification fails and to avoid the verification process according to the execution of the inherent library necessary for the operation process of the illegal application program So that illegal use of the unique library can be effectively blocked.

In addition, since the module verification information for verifying the use of the unique library according to the present invention is issued as information dependent on an individual application program and is encrypted, it can not be duplicated and used. In order to operate the application program, ) And must receive the module verification information that is dependent on the application program, the verification of the inherent library of the application program is necessarily performed, so that the use of the inherent library can be effectively controlled.

In addition, since the present invention replicates only the unique library included in the SDK module 110, the verification is failed in the verification process by the inherent library when the illegal application program is executed, and execution is automatically interrupted. Therefore, illegal application You can block the distribution of illegal applications by blocking the running of programs.

Meanwhile, if the terminal storing the executable file and the module verification information for the application program changes (modifies) the internal information of the executable file for the application program through the editor to change the executable file, The module validation library generates hash information for the executable file upon execution of the application program according to the changed executable file and generates verification target information based on the generated hash information can do.

Accordingly, when the verification target information is compared with the module verification information, the module verification library compares the hash information of the executable file due to the change of the application program with the hash information of the executable file according to the pre- It is determined that the verification target information and the module verification information do not coincide with each other, so that the module verification library can block the execution of the application program according to the change of the execution file.

That is, even if the module verification library is reconfigured through illegal modification such as hacking, execution of the application program is blocked and the unauthorized modification of the application program can be easily blocked.

Meanwhile, in the above-described configuration, the module verification service providing apparatus 200 may be connected to the user terminal 100 locally to transmit and receive the module verification request information and the module verification information.

The module verification service providing apparatus 200 may be configured in the user terminal 100 to transmit and receive information to and from the verification client module 130. At this time, the module verification service providing apparatus 200 may be installed in the user terminal 100 as a program.

In this case, the illegal use prevention system of the library according to the embodiment of the present invention may include a separate authentication device for authenticating the module verification service providing device 200, The module verification information can be generated only when the authentication by the authentication device (license based control, etc.) is performed.

The various devices and components (or modules) described herein may be implemented by hardware circuitry (e.g., CMOS-based logic circuitry), firmware, software, or a combination thereof. For example, it can be implemented utilizing transistors, logic gates, and electronic circuits in the form of various electrical structures.

It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit or essential characteristics thereof. Therefore, the embodiments disclosed in the present invention are intended to illustrate rather than limit the scope of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.

100: user terminal 110: SDK module
120: development module 130: verification client module
200: Module verification service providing device

Claims (11)

A Software Development Kit (SDK) module configured in the user terminal and providing a unique library that can be used for application program development;
A development module configured in the user terminal and generating an application program developed using the unique library of the SDK module as an application program executable through compilation;
When generating the application program developed in the user terminal by using the inherent library as an executable application program, it requests authentication information about the user through the user terminal, receives authentication information according to user input, A verification client module that generates hash information for a possible application program and transmits module verification request information including the authentication information and the hash information through the user terminal; And
When receiving the module verification request information from the user terminal, compares the authentication information included in the module verification request information with previously registered user information to generate module verification information based on the hash information when the user is authenticated, To a module verification service providing apparatus,
Wherein when the executable application program using the inherent library is executed, the inherent library is executed to generate verification target information based on the hash information of the executable application program, And compares the received module verification information with module verification information transmitted from the service providing apparatus, and determines whether to execute the executable application program according to whether or not the module verification information matches the module verification information.
delete The method according to claim 1,
Wherein the module verification service providing device encrypts and transmits the module verification information so that the module verification information can be decrypted through the unique library when the executable application program is executed.
The method according to claim 1,
Wherein the module verification information includes information on an issuance date, a user to be issued, an application program name, hash information on an executable application program, and validity period.
The method of claim 4,
Wherein the inherent library called according to execution of the executable application program checks an expiration period according to the module verification information and blocks execution of the executable application program when a valid period expires. Use prevention system.
The method according to claim 1,
The inherent library being called upon execution of the executable application program may be executed when the module verification information does not exist in the terminal on which the executable application program is executed or when the verification target information and the module verification information do not coincide with each other And preventing the execution of the application program.
The method according to claim 1,
Wherein the verification client module automatically generates the module verification request information upon creation of an executable file upon completion of compiling the executable application program by the development module and transmits the module verification request information to the module verification service providing apparatus Use prevention system.
The method according to claim 1,
Wherein the module verification service providing apparatus comprises a device communicating with the user terminal through a network, or being configured in the user terminal or locally connected to the user terminal.
The method according to claim 1,
Wherein the module verification service providing device includes digital signature information previously registered in association with the user terminal in the module verification information to prevent the executable application program from being executed when the verification of the digital signature information is failed by the inherent library Wherein the library is a library system.
The method according to claim 1,
Wherein the unique library includes a module validation library for determining whether or not the unique library is authorized to use,
Wherein the module validation library interrupts execution of the executable application program when the executable file for executing the executable application program is changed so that the verification target information and the module validation information for the executable file do not coincide with each other Features a library of illegal use prevention system.
Generating an application program executable by compiling an application program developed using a unique library that can be used for application program development provided by a software development kit (SDK) module in a user terminal;
When the user terminal generates the application program developed using the inherent library as an executable application program, it requests authentication information for the user through the user terminal, receives authentication information according to user input, Generating hash information for the program, and transmitting module verification request information including the authentication information and the hash information;
When receiving the module verification request information from the user terminal in the module verification service providing apparatus, compares the authentication information included in the module verification request information with previously registered user information, and when the user is authenticated, based on the hash information, And transmitting the generated data to the user terminal; And
Wherein the unique library is executed according to the execution of the executable application program in the user terminal where the executable application program generated by applying the inherent library is executed, and based on the hash information of the executable application program, And comparing the generated verification target information with the module verification information transmitted from the module verification service providing device to determine whether to execute the executable application program in accordance with the match How to prevent illegal use.
KR1020150184163A 2015-12-22 2015-12-22 System and method for preventing illegal use of library KR101738604B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020150184163A KR101738604B1 (en) 2015-12-22 2015-12-22 System and method for preventing illegal use of library

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020150184163A KR101738604B1 (en) 2015-12-22 2015-12-22 System and method for preventing illegal use of library

Publications (1)

Publication Number Publication Date
KR101738604B1 true KR101738604B1 (en) 2017-05-22

Family

ID=59050248

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020150184163A KR101738604B1 (en) 2015-12-22 2015-12-22 System and method for preventing illegal use of library

Country Status (1)

Country Link
KR (1) KR101738604B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20220089289A (en) * 2020-12-21 2022-06-28 한전케이디엔주식회사 Cryptographic library management system and method

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20220089289A (en) * 2020-12-21 2022-06-28 한전케이디엔주식회사 Cryptographic library management system and method
KR102421562B1 (en) 2020-12-21 2022-07-15 한전케이디엔주식회사 Cryptographic library management system and method

Similar Documents

Publication Publication Date Title
US11012241B2 (en) Information handling system entitlement validation
JP4906854B2 (en) Information processing apparatus, information recording apparatus, information processing system, program update method, program, and integrated circuit
US8898469B2 (en) Software feature authorization through delegated agents
US8214630B2 (en) Method and apparatus for controlling enablement of JTAG interface
US8510861B2 (en) Anti-piracy software protection system and method
US8281115B2 (en) Security method using self-generated encryption key, and security apparatus using the same
US20060195689A1 (en) Authenticated and confidential communication between software components executing in un-trusted environments
US20070198434A1 (en) Method and apparatus for generating rights object by means of delegation of authority
JP5636371B2 (en) Method and system for code execution control in a general purpose computing device and code execution control in a recursive security protocol
US20010056533A1 (en) Secure and open computer platform
CN102456111B (en) Method and system for license control of Linux operating system
CN1863038B (en) Method of implementing control and management of applied program in terminal apparatus
CN110008659B (en) Software license offline management method and device, computer equipment and storage medium
JP6387908B2 (en) Authentication system
KR20120051662A (en) A method for controlling unauthorized software application usage
JP2007257626A (en) Method and device for temporarily using content using temporary license
JPH07110767A (en) Method for managing and controlling software utilization license
US20050246285A1 (en) Software licensing using mobile agents
KR20040058278A (en) Method and device for protecting information against unauthorised use
US20150262084A1 (en) Methods for defending static and dynamic reverse engineering of software license control and devices thereof
JP2008021021A (en) License authentication method for software
KR101738604B1 (en) System and method for preventing illegal use of library
KR101711024B1 (en) Method for accessing temper-proof device and apparatus enabling of the method
KR102027329B1 (en) Program executing authority authentication method and system
Bahaa-Eldin et al. A comprehensive software copy protection and digital rights management platform

Legal Events

Date Code Title Description
A201 Request for examination
GRNT Written decision to grant