US20140283090A1 - Licensing using a node locked virtual machine - Google Patents

Licensing using a node locked virtual machine Download PDF

Info

Publication number
US20140283090A1
US20140283090A1 US13831651 US201313831651A US2014283090A1 US 20140283090 A1 US20140283090 A1 US 20140283090A1 US 13831651 US13831651 US 13831651 US 201313831651 A US201313831651 A US 201313831651A US 2014283090 A1 US2014283090 A1 US 2014283090A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
id
domain
machine
unique value
license
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US13831651
Inventor
Stanislav Angelov
Robert Gardyne
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jupiter Systems
Original Assignee
Jupiter Systems
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
    • G06F21/105Tools for software license management or administration, e.g. managing licenses at corporate level
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/4557Distribution of virtual machine instances; Migration and load balancing aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/07Indexing scheme relating to G06F21/10, protecting distributed programs or content
    • G06F2221/0757Licence
    • G06F2221/0773Recurrent authorisation

Abstract

A method of licensing software to a particular instance of a virtual machine that is being run as part of an Active Directory domain. Since a virtual machine is a simulation of a physical machine, i.e. a computer, it can easily be cloned to produce an exact duplicate. This poses a problem when it is desired to license an instance of software for use only on a particular virtual machine. The technology disclosed allows for software to be licensed for execution only on a particular instance of a virtual machine that is being run as part of an Active Directory domain.

Description

    BACKGROUND
  • The technology disclosed relates to licensing software executing on virtual machines. Since a virtual machine is a simulation of a physical machine, i.e. a computer, it can easily be cloned to produce an exact duplicate. This poses a problem when it is desired to license an instance of software for use only on a particular virtual machine.
  • Historically one of the primary software licensing methods has been to license software, such as an instance of a software application, such that it is only permitted to execute on a particular physical computer or “node” in a computer network. Another name for a node is a “machine.” In this sense the software license “locks” the software to the particular physical computer and hence the term “node-locked” license.
  • This type of license makes use of unique characteristics of a node, such as the physical computing hardware, to identify a node, and lock the desired software license to it. This is typically done by executing licensing software on the node being licensed that retrieves a unique identifying characteristic of the machine such as the MAC address of a network card or the serial number of the main hard drive and sending this information to a remote license server which grants a license, in the form of license data, to the node. The licensing software then stores the license data in a location accessible to the node, such as a local disk drive or a network drive. The licensing software may or may not be part of the software being licensed. If it is not part of the software being licensed it is typically a software module that is called by the software being licensed.
  • Upon execution, the software being licensed then invokes the licensing software which obtains the unique identifying characteristic of the node and compares it to unique identifying characteristic in the stored license data. If they match, the software being licensed continues execution normally. Otherwise it terminates execution and usually notifies the user that the license was not valid.
  • However, the absence of a unique physical characteristic for a virtual machine renders the above methods unusable for licensing software operating on a virtual machine, since a virtual machine, even though it may be a complete simulation of a physical machine (computer), may easily be cloned to produce an exact copy with exactly the same characteristics as the original from which it was cloned.
  • Thus, with the large number of virtual machines now in use, it is therefore desirable to devise a method that would provide a unique identifier for a virtual machine such as a digitally readable identification code that can be used for licensing purposes.
  • SUMMARY
  • The technology disclosed provides a method of licensing software to a particular instance of a Microsoft Windows® operating system executing on a virtual machine, abbreviated VM, which belongs to a Microsoft Windows® Active Directory domain. There is a distinction here to be made between a VM and an operating system, abbreviated OS, running on the VM. Since a virtual machine is a simulation of a physical machine, i.e. a computer, it can easily be cloned to produce an exact duplicate. Furthermore, multiple operating systems can be run on both a physical machine and a VM simultaneously. This poses a problem when it is desired to license an instance of software for use only with a particular instance of an OS running on a VM. The technology disclosed provides a solution is intended to be used with installations of Microsoft Windows® OSs and applies to Active Directory domains implemented using Microsoft products as well as those implemented to conform to Microsoft's design.
  • In brief, Microsoft Windows® provides Active Directory domain services which are run on Windows servers, and as additional machines running Microsoft Windows® OS, virtual or physical, join a domain, each is assigned a unique machine ID by Active Directory Domain Services. The machine ID is also known as a Relative ID in a Windows® SID, where the SID is a Security Identifier. Even if an exact copy of a VM on the domain is made by a process commonly called “cloning,” when that cloned VM runs Microsoft Windows® OS and joins the domain it is immediately assigned its own unique machine ID different from all other machine IDs on the domain.
  • The technology disclosed makes use of the fact that within an enterprise running Active Directory Domain Services, there may be multiple domains, each one having a unique domain ID. Thus, within a collection of domains running under Active Directory domain services the combination of the machine ID and its domain ID may be used to uniquely identify a particular machine.
  • The technology disclosed combines a machine ID and its domain ID and transforms it into a unique identifier using a hash function. This unique identifier corresponds directly to the machine ID and the domain ID, and thus it may be used to overcome the limitations of node-locked licensing previously posed by virtual machines. This identifier uniquely identifies a particular instance of Windows® OS. Consequently, this identifier may be used to license software running on a Microsoft Windows® OS running in a VM on an Active Directory in the same way as a unique identifier derived from unique characteristics of a physical machine.
  • The unique identifier itself is a hash. A hash, usually performed by a hash function, is the result of performing a transformation that maps a data set of variable or fixed length to a smaller data set of fixed length. Some common hash lengths used for cryptographic purposes are 128 and 256 bits. The most important property of a hash function is collision resistance, i.e., the probability is very low that any two different inputs will produce an identical output value. There are a wide variety of hash implementations which will be apparent to those of ordinary skill in the art.
  • Other aspects and advantages of the technology disclosed can be seen on review of the drawings, the detailed description and the claims, which follow.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a block diagram of the environment in which the technology disclosed may be used.
  • FIG. 2 is a flowchart of the licensing process from the perspective of the software under license.
  • FIG. 3 is a flowchart of the licensing process from the perspective of the license grant application.
  • FIG. 4 is a flowchart of license verification process from the perspective of the software under license.
  • DETAILED DESCRIPTION
  • A detailed description of implementations of the technology disclosed is provided with reference to the FIGS. 1-3.
  • FIG. 1 is a block diagram of the environment in which the technology disclosed may be used. The main components include installations of Microsoft Windows® OSs running on virtual machines (VMs) which belong to a domain managed by Microsoft Windows® Active Directory services (“Active Directory Services” or “Active Directory”) and a license grant application accessible by the software under license. Five VMs are shown, numbered 101-105, with VM3 103 being the one that will be used in the example describing FIG. 1. There are three basic parts to the license process:
  • 1. The machine ID and domain ID are assigned by Active Directory.
  • 2. The software under license obtains a license
  • 3. The software under license verifies the license
  • The first part of the process occurs automatically when a machine ID and a domain ID are assigned by Active Directory when an installation of Microsoft Windows® OS is first run on a VM, such as VM3 in this example, and joins an Active Directory domain.
  • This is indicated in FIG. 1 by the dotted arrow running from the server 150 to the domain ID and machine ID 110 within VM3 103. The combination of the domain ID and the machine ID uniquely identify an instance of Microsoft Windows® OS running on a VM that belongs to a domain being managed by Active Directory services.
  • The second part of the process starts by obtaining a unique identifier based on the machine ID and the domain ID. This is accomplished when the software under license generates a hash using a combination of the machine ID and the domain ID as input. The resulting hash is used as a unique identifier which corresponds to the machine ID and its domain ID. This identifier is then incorporated into a license request 120 and sent to the license grant application 160, which incorporates it into license data, digitally signs the license data and sends it back to the software under license. In some implementations this may be in the form of a license certificate. In others it may be in the form of a license grant response. Both approaches work since they both include the unique identifier used to verify a license. The digitally signed license data 130 is then stored in a location accessible to the software under license. The process of digitally signing data is performed using a digital signature algorithm such as DSA which is a United States Federal Government standard originally proposed by the National Institute of Standards and Technology. Another government standard is the Elliptic Curve Digital Signature Algorithm, or ECDSA. In addition there are other digital signature algorithms such as those based on an RSA public-private key exchange with accompanying encryption.
  • The third part of the license process is verification of the license. When the software under license is executed, it retrieves the license data 130 from the location in which it was previously stored, verifies the digital signature and obtains the original unique identifier. This is compared to a new unique identifier obtained by feeding the current machine ID and domain ID into the same hash function as used previously. If the exact same machine ID and domain ID as before are used, then the results of the hash function will be exactly as before and the newly generated unique identifier will match the original one that was digitally signed and stored with the license data, thus successfully verifying the license.
  • If the verification is successful, the software under license continues execution. Otherwise it terminates, usually with a message that notifies the user that the verification failed.
  • FIG. 2 is a flowchart of the licensing process from the perspective of the software under license. The explanation is similar to that of FIG. 1. It begins with step 200 when the software under license obtains the machine ID and the domain ID, combines them and generates a unique identifier using a hash function.
  • In Step 210 the unique identifier is incorporated into a license request and sent to a license grant application.
  • In step 220 the software under license receives digitally signed license data back from the license grant application. The digitally signed license data includes the unique identifier. The license data may be in the form of a license grant response or a license certificate. There are several alternatives that will be known to those of ordinary skill in the art.
  • In Step 230 the license data is stored in a location accessible to the software under license.
  • FIG. 3 is a flowchart of the licensing process from the perspective of the license grant application. The explanation is similar to that of FIG. 1. It begins with step 300 when the license grant application receives a license request which includes a unique identifier.
  • In step 310 the license grant application now generates license data incorporating the unique identifier.
  • In step 320 the license grant application digitally signs the license data. In step 330 the license grant application incorporates the digitally signed license data into a license grant response and sends it back to the requestor.
  • FIG. 4 is a flowchart of the license verification process from the perspective of the software under license. The explanation is similar to that of FIG. 1. It begins with step 400 and in step 410 the software under license obtains the current machine ID and the current domain ID, combines them and generates a current unique identifier using a hash function.
  • In step 420 the software under license retrieves the license data FIG. 1 130 from the location in which it was previously stored in step FIG. 2 230, verifies the digital signature and obtains the original unique identifier. This is compared to the current unique identifier obtained above in step 410. If they match in step 440, then verification is successful and the software executes normally as in step 450. If they do not match then the license, based on the license data retrieved above in step 420, is not valid and in this and most alternate implementations the software under license terminates as in step 460.
  • Particular Implementations
  • The technology disclosed may be practiced as a method or system adapted to practice the method. The process of digitally signing data is performed using a digital signature algorithm such as DSA which is a United States Federal Government standard originally proposed by the National Institute of Standards and Technology. Another government standard is the Elliptic Curve Digital Signature Algorithm, or ECDSA. In addition there are other digital signature algorithms such as those based on an RSA public-private key exchange with accompanying encryption.
  • In one implementation, a method is described for managing a software license for software under license running on a Microsoft Windows® OS running on virtual machines (VMs) which belong to a domain managed by Microsoft Windows® Active Directory services. Active Directory is a Microsoft Windows® directory service for Windows domain networks. A domain controller, such as Microsoft's Active Directory domain services, manages the machines on a domain. A machine ID and a domain ID are assigned by Active Directory when an installation of Microsoft Windows® OS is first run on a VM and joins an Active Directory domain. The combination of the domain ID and the machine ID uniquely identify an instance of Microsoft Windows® OS running on a VM that belongs to a domain being managed by Active Directory services. A unique identifier can be generated using the domain ID and machine ID, and this identifier can be used to license software running on the OS installation. This unique identifier may be incorporated into license data, which may be in the form of a license certificate, that binds the software under license to a particular instance of Microsoft Windows® OS running on virtual machines (VMs) which belong to a domain managed by Microsoft Windows® Active Directory services.
  • This method and other implementations the technology disclosed each optionally include one or more the following features.
  • The software under license can generate a hash using a combination of the machine ID and the domain ID as input. The resulting hash is used as a unique identifier which corresponds to the machine ID and its domain ID. This identifier is then incorporated into a license request and sent to license grant application, which incorporates it into license data, digitally signs the license data and sends it back to the software under license. The digitally signed license data is then stored in a location accessible to the software under license.
  • A unique ID can, alternatively, be constructed by using the machine ID and the domain ID directly as the unique identifier instead of a hash.
  • Other implementations may include a non-transitory computer readable storage media storing instructions executable on a processor to perform a method is described above. Yet another implementation may include a system with memory and one or more processors operable to execute instructions, stored in memory, perform the method as described above. This is true of each of the following implementations and will, for the sake of brevity, not be repeated.
  • In another implementation, when the software under license is executed, it retrieves the license data from the location in which it was previously stored, verifies the digital signature and obtains the registered unique identifier. This is compared to a current unique identifier obtained by feeding the current machine ID and domain ID into the same hash function as used previously. If the exact same machine ID and domain ID as before are used, then the results of the hash function will be exactly as before and the newly generated unique identifier will match the original one that was digitally signed and stored with the license data, thus successfully verifying the license. If the verification is successful, the software under license continues execution. Otherwise it terminates, usually with a message that notifies the user that the verification failed.
  • This implementation can be combined with any of the registration features described above.
  • In another implementation, either of the two previous methods could be used with a central license server in place of the license grant application. The license server could Ernie store all the license data in a database and verify incoming license requests against the license data stored in the database.
  • In another implementation the software under license executing on an instance of a Microsoft Windows® operating system executing on a VM belonging to an Active Directory domain verifies that it is licensed to run on a particular instance of Microsoft Windows® operating system executing on a VM belonging to an Active Directory domain by comparing a current unique value to a digitally signed registered unique value stored in a location accessible to the software under license, such as a local disk drive or a network drive.
  • To register, the software first obtains the values of the machine ID and the domain ID corresponding to the particular instance of Microsoft Windows® operating system executing on a VM belonging to an Active Directory domain. The unique value may be a combination of the machine ID and the domain ID or it may be a value derived the machine ID and the domain ID, such as the result of performing a hash on a combination of the machine ID and the domain ID. In either case, a unique value corresponding to the current machine ID and the current domain ID is obtained and sent to a license grant application digitally signs it and sends it back as license data which may be in the form of a license grant response or license certificate. When the software under license receives the digitally signed license data, it stores it in a location accessible to the software under license, such as a local disk drive or a network drive. This completes the registration process.
  • To perform the license verification, the software under license first obtains the current values of the machine ID and the domain ID corresponding to the particular instance of Microsoft Windows® operating system executing on a VM belonging to an Active Directory domain. As noted above, the unique value may be a combination of the machine ID and the domain ID or it may be a value derived the machine ID and the domain ID, such as the result of performing a hash on a combination of the machine ID and the domain ID. In either case, a current unique value corresponding to the current machine ID and the current domain ID is obtained. The emphasis here is on the current values of the machine ID and domain ID as opposed to the values used at a prior time for registration, since the goal is to ensure that they have not changed in the interim and that they match, the process being described below.
  • The software now retrieves the digitally signed registered unique value, which may be stored on non-transitory computer readable storage media accessible to the software and verifies the digital signature using any one of several methods, including the digital signature algorithms mentioned elsewhere in this document.
  • The final step in the process is to compare the registered unique value to the current unique value, both having been generated in the same manner. In particular, if the same hash function is used to generate both the current and registered unique values, then the result will be exactly equal if they are both generated using the same input values. Alternatively, the combination of a machine ID and domain ID can be used in which case the registered combination of the machine ID and domain ID should match the current combination of the machine ID and domain ID. As explained elsewhere, this latter method is not as efficient or as secure as using a hash.
  • Once the current and registered values of the unique ID have been verified to match, the verification process is complete and the software under license may continue execution. If they do not match, then an appropriate message may be sent to the user and the software under license may not continue execution.
  • While the technology disclosed is disclosed by reference to the preferred embodiments and examples detailed above, it is to be understood that these examples are intended in an illustrative rather than in a limiting sense. It is contemplated that modifications and combinations will readily occur to those skilled in the art, which modifications and combinations will be within the spirit of the invention and the scope of the following claims.

Claims (15)

    What is claimed is:
  1. 1. A method of obtaining a license certificate for software executing on an instance of a Microsoft Windows® operating system executing on a virtual machine, abbreviated VM, belonging to an Active Directory domain to the VM, including:
    obtaining a machine ID from an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain;
    obtaining a domain ID for said Active Directory domain;
    sending to a license grant application the machine ID and the domain ID or a unique value derived from the machine ID and the domain ID; and
    receiving from the license grant application digitally signed license data that includes the machine ID and the domain ID or a unique value derived from the machine ID and the domain ID; and
    storing the digitally signed license data.
  2. 2. A method of managing a license of software executing on an instance of a Microsoft Windows® operating system executing on a virtual machine, abbreviated VM, belonging to an Active Directory domain, including:
    receiving from a software application executing on an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain, a request including a machine ID and a domain ID or a unique value derived from the machine ID and the domain ID;
    incorporating into a response the machine ID and domain ID, or the unique value derived from the machine ID and the domain ID;
    digitally signing the response; and
    sending the response to the said software application.
  3. 3. A method of managing a license of software executing on an instance of a Microsoft Windows® operating system executing on a virtual machine, abbreviated VM, belonging to an Active Directory domain, including;
    obtaining a machine ID from an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain;
    obtaining a domain ID for said Active Directory domain;
    generating a current unique value derived from the machine ID and the domain ID;
    retrieving digitally signed stored data which includes a registered unique value;
    verifying the digital signature on the stored data; and
    verifying that the current unique value matches the registered unique value.
  4. 4. The method of claim 3, in which the current unique value combines the machine ID and the domain ID.
  5. 5. The method of claim 3, in which the current unique value is a hash of the machine ID and the domain ID.
  6. 6. A computer system for obtaining a license certificate for software executing on an instance of a Microsoft Windows® operating system executing on a virtual machine, abbreviated VM, belonging to an Active Directory domain to the VM, including:
    a processor and a computer readable storage medium storing computer instructions configured to cause the processor to:
    obtain a machine ID from an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain;
    obtain a domain ID for said Active Directory domain;
    send to a license grant application the machine ID and the domain ID or a unique value derived from the machine ID and the domain ID; and
    receive from the license grant application digitally signed license data that includes the machine ID and the domain ID or a unique value derived from the machine ID and the domain ID; and
    store the digitally signed license data.
  7. 7. A computer system for managing a license of software executing on an instance of a Microsoft Windows® operating system executing on a virtual machine, abbreviated VM, belonging to an Active Directory domain, including:
    a processor and a computer readable storage medium storing computer instructions configured to cause the processor to:
    receive from a software application executing on an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain, a request including a machine ID and a domain ID or a unique value derived from the machine ID and the domain ID;
    incorporate into a response the machine ID and domain ID, or the unique value derived from the machine ID and the domain ID;
    digitally sign the response; and
    send the response to the said software application.
  8. 8. A computer system for managing a license of software executing on an instance of a Microsoft Windows® operating system executing on a virtual machine, abbreviated VM, belonging to an Active Directory domain, including:
    a processor and a computer readable storage medium storing computer instructions configured to cause the processor to:
    obtain a machine ID from an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain;
    obtain a domain ID for said Active Directory domain;
    generate a current unique value derived from the machine ID and the domain ID;
    retrieve digitally signed stored data which includes a registered unique value;
    verify the digital signature on the stored data; and
    verify that the current unique value matches the registered unique value.
  9. 9. The computer system of claim 8, in which the current unique value combines the machine ID and the domain ID.
  10. 10. The computer system of claim 8, in which the current unique value is a hash of the machine ID and the domain ID.
  11. 11. A computer readable storage medium storing computer instructions configured to cause a processor to:
    obtain a machine ID from an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain;
    obtain a domain ID for said Active Directory domain;
    send to a license grant application the machine ID and the domain ID or a unique value derived from the machine ID and the domain ID; and
    receive from the license grant application digitally signed license data that includes the machine ID and the domain ID or a unique value derived from the machine ID and the domain ID; and
    store the digitally signed license data.
  12. 12. A computer readable storage medium storing computer instructions configured to cause a processor to:
    receive from a software application executing on an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain, a request including a machine ID and a domain ID or a unique value derived from the machine ID and the domain ID;
    incorporate into a response the machine ID and domain ID, or the unique value derived from the machine ID and the domain ID;
    digitally sign the response; and
    send the response to the said software application.
  13. 13. A computer readable storage medium storing computer instructions configured to cause a processor to:
    obtain a machine ID from an instance of a Microsoft Windows® operating system executing on a VM and belonging to an Active Directory domain;
    obtain a domain ID for said Active Directory domain;
    generate a current unique value derived from the machine ID and the domain ID;
    retrieve digitally signed stored data which includes a registered unique value;
    verify the digital signature on the stored data; and
    verify that the current unique value matches the registered unique value.
  14. 14. The computer readable storage medium of claim 13, in which the current unique value combines the machine ID and the domain ID.
  15. 15. The computer readable storage medium of claim 13, in which the current unique value is a hash of the machine ID and the domain ID.
US13831651 2013-03-15 2013-03-15 Licensing using a node locked virtual machine Abandoned US20140283090A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US13831651 US20140283090A1 (en) 2013-03-15 2013-03-15 Licensing using a node locked virtual machine

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13831651 US20140283090A1 (en) 2013-03-15 2013-03-15 Licensing using a node locked virtual machine
US14941015 US20160070891A1 (en) 2013-03-15 2015-11-13 Licensing using a node locked virtual machine

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14941015 Continuation US20160070891A1 (en) 2013-03-15 2015-11-13 Licensing using a node locked virtual machine

Publications (1)

Publication Number Publication Date
US20140283090A1 true true US20140283090A1 (en) 2014-09-18

Family

ID=51535135

Family Applications (2)

Application Number Title Priority Date Filing Date
US13831651 Abandoned US20140283090A1 (en) 2013-03-15 2013-03-15 Licensing using a node locked virtual machine
US14941015 Pending US20160070891A1 (en) 2013-03-15 2015-11-13 Licensing using a node locked virtual machine

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14941015 Pending US20160070891A1 (en) 2013-03-15 2015-11-13 Licensing using a node locked virtual machine

Country Status (1)

Country Link
US (2) US20140283090A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150020069A1 (en) * 2013-07-11 2015-01-15 Ritesh Patani Systems and methods of licensing and identification of virtual network appliances
JP2016119068A (en) * 2014-12-23 2016-06-30 インテル・コーポレーション Licensing in cloud

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110197062A1 (en) * 2010-02-05 2011-08-11 International Business Machines Corporation Method and system for license management
US20140181892A1 (en) * 2012-12-23 2014-06-26 Vincent Edward Von Bokern Hardware-based device authentication

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8595361B2 (en) * 2009-02-10 2013-11-26 Novell, Inc. Virtual machine software license management
US8826391B2 (en) * 2012-07-02 2014-09-02 Freescale Semiconductor, Inc. Virtualized trusted descriptors

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110197062A1 (en) * 2010-02-05 2011-08-11 International Business Machines Corporation Method and system for license management
US20140181892A1 (en) * 2012-12-23 2014-06-26 Vincent Edward Von Bokern Hardware-based device authentication

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150020069A1 (en) * 2013-07-11 2015-01-15 Ritesh Patani Systems and methods of licensing and identification of virtual network appliances
US9342669B2 (en) * 2013-07-11 2016-05-17 Dialogic, Inc. Systems and methods of licensing and identification of virtual network appliances
JP2016119068A (en) * 2014-12-23 2016-06-30 インテル・コーポレーション Licensing in cloud

Also Published As

Publication number Publication date Type
US20160070891A1 (en) 2016-03-10 application

Similar Documents

Publication Publication Date Title
Xiao et al. Security and privacy in cloud computing
Wang et al. Oruta: Privacy-preserving public auditing for shared data in the cloud
US6327652B1 (en) Loading and identifying a digital rights management operating system
US6330670B1 (en) Digital rights management operating system
US7194092B1 (en) Key-based secure storage
US6820063B1 (en) Controlling access to content based on certificates and access predicates
US20100082987A1 (en) Transparent trust validation of an unknown platform
US6647494B1 (en) System and method for checking authorization of remote configuration operations
US20130125114A1 (en) Computational asset identification without predetermined identifiers
US20090307487A1 (en) Apparatus and method for performing trusted computing integrity measurement reporting
US20050060549A1 (en) Controlling access to content based on certificates and access predicates
Pang et al. Verifying completeness of relational query results in data publishing
US20090106549A1 (en) Method and system for extending encrypting file system
US20100083001A1 (en) Auditor Assisted Extraction And Verification Of Client Data Returned From A Storage Provided While Hiding Client Data From The Auditor
US20040177260A1 (en) System and method for remote code integrity in distributed systems
US20150089621A1 (en) Secure login for subscriber devices
US20080098457A1 (en) Identity controlled data center
US20060185017A1 (en) Execution validation using header containing validation data
US20130318357A1 (en) System and Method for Secure Software Update
US20120324236A1 (en) Trusted Snapshot Generation
US20020083325A1 (en) Updating security schemes for remote client access
US20070240206A1 (en) Intersystem single sign-on
US20130073854A1 (en) Data storage incorporating crytpographically enhanced data protection
US20060090070A1 (en) Method and system for verifying binding of an initial trusted device to a secured processing system
US20070203957A1 (en) Automatic authentication of backup clients