WO1995035533A1 - Procede pour empecher l'utilisation d'un logiciel sur un ordinateur non autorise - Google Patents

Procede pour empecher l'utilisation d'un logiciel sur un ordinateur non autorise Download PDF

Info

Publication number
WO1995035533A1
WO1995035533A1 PCT/CA1995/000354 CA9500354W WO9535533A1 WO 1995035533 A1 WO1995035533 A1 WO 1995035533A1 CA 9500354 W CA9500354 W CA 9500354W WO 9535533 A1 WO9535533 A1 WO 9535533A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer
software
user
derived
balance
Prior art date
Application number
PCT/CA1995/000354
Other languages
English (en)
Inventor
Josef Penkava
Robert C. Clark
Victor Sirbu
Douglas H. Lundy
David J. Conforzi
W. Norman Maxwell
Original Assignee
Megalode Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Megalode Corporation filed Critical Megalode Corporation
Priority to AU26665/95A priority Critical patent/AU2666595A/en
Publication of WO1995035533A1 publication Critical patent/WO1995035533A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/125Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/101Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM] by binding digital rights to specific entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data

Definitions

  • the present invention relates generally to the prevention of unauthorized use of software. More particularly, the present invention relates to the preventing of a computer program from being executed on a computer system or computer network, other than one which has been previously authorized.
  • a computer program is typically installed in a computer with a fixed disk or hard drive by transferring the program from a floppy disk or CD-ROM (purchased from a software publisher) to the fixed disk for subsequent use by the computer system. While the program may have originally been legitimately purchased, the purchaser may thereafter make copies for use by the purchaser or others in other computer systems or may simply use the floppy disk to install the software in other computer systems, without permission of the software publisher, thereby depriving the software publisher of the additional revenues of sale of additional 'software packages to which the publisher is entitled. Although back-up copies of software are normally considered desirable, it is also desirable for the financial health of the software industry that such "piracy" be stopped.
  • Durst. Jr. et al discloses a technique for preventing a computer program from being used by a computer system other than a designated system.
  • the values of certain characteristics exhibited by the designated computer system first are stored, and then the values of those same characteristics exhibited by the computer system which is intended to use the computer program are measured and compared to the stored values. If the compared values are substantially the same, the computer program may be executed. However, if they are different, the computer system which was intended to use the program is inhibited from executing that program.
  • Durst. Jr. et al have a tendency to have no current uniqueness (although perhaps unique at one time, standardization may have resulted in non-uniqueness, for example, there is now a standard disk drive speed) , or the characteristics may change over time undesirably making the software unavailable on the computer on which it is originally installed. Furthermore, the values of the characteristics are stored in the software to be compared with the values of characteristics of a computer on which the software is to be used. This has the disadvantage of being easy to circumvent since the values are stored in a known location in all programs, thus being accessible to every level of programmer.
  • U.S. patent 4,740,890 to William discloses the use of. a remote computer to provide unlocking codes derived from master lists or algorithms.
  • data security has been maintained by the use of coded transmission utilizing a pair of numbers wherein a plurality of randomly-generated digits in one number has a mathematical relationship to the other number so as to yield a prime number for coding the transmission, and the same prime number is used for decoding the transmission.
  • coded transmission utilizing a pair of numbers wherein a plurality of randomly-generated digits in one number has a mathematical relationship to the other number so as to yield a prime number for coding the transmission, and the same prime number is used for decoding the transmission.
  • U.S. patent 4,319,079 to Best various encryption systems have been developed to provide data security within data processing systems. However, computer-aided techniques for breaking codes are becoming more sophisticated.
  • U.S. patent 5,222,134 to Waite et al discloses such a technique wherein a computer is provided with a registration shell, and a data link is established between the computer and a registration computer. By providing the registration computer with various information, a potential licensee can register to utilize the program. Once the registration process is complete, a tamper-proof overlay program is constructed at the registration computer and transferred to the user's computer. The overlay includes critical portions of the main program, without which the main program would not operate. This process undesirably requires a modem on the user's computer.
  • U.S. patent 5,199,066 to Logan which is incorporated herein by reference, discloses a method and system for protecting a software program recorded within a storage medium for use with or transmission to computer or processor based hardware.
  • a hardware code uniquely associated with the particular hardware and a first software code uniquely associated with the particular embodiment of the software are inputted.
  • the hardware code is stated to be the numeric serial number of the hardware upon which the program is to operate. It is further stated that, in the case of some computers and some storage media, the program may have the ability to recall or otherwise obtain and input the software serial number and possibly the hardware serial number without any specific action by the user.
  • a first predetermined operation is performed upon the hardware code and the first software code to produce an intermediate code.
  • a unique activation code obtained from the software supplier is inputted and a second predetermined operation is performed upon the intermediate code and the activation code to produce a second intermediate code.
  • the second intermediate code is compared to a second software code uniquely associated with the particular embodiment of the software and stored in a hidden location within the software.
  • the use of the software is enabled only if the second intermediate code and the second software code are identical.
  • the hidden software code changes each time the software is copied, for example, by the addition of 7 each time.
  • the software supplier may have a "hot line" phone to permit the user to obtain the activation code.
  • the Lo ⁇ an method relies on hiding a software code in a hidden location within the software.
  • this code undesirably is within access by the user to allow formulation of an activation code (without making a telephone call to legitimately obtain it) and subsequent installation of the software to be achievable if the hidden code is located and the process then reverse-engineered.
  • the hardware code which is used to generate the activation code is actually whatever number is inputted by the user and given to the supplier by the user. Since the software is not required to confirm that the activation number is based on the serial number of the specific computer to be authorized, the activation code which is supplied will allow installation of the software on any computer.
  • a method for preventing use of software on an unauthorized computer wherein the software is programmed to generate and output to the user of a computer a first or validation number derived from one or more of the following computer characteristics: serial number of the hard disk, the BIOS data from ROM, the number of sectors per track of the hard disk, the number of heads of the hard disk, and the number of cylinders of the hard disk.
  • a second or activation number derived from the first number is encrypted by operation of a second computer at a remote location inaccessible to the user for input to the user's computer to allow use of the software on the user's computer.
  • the second number includes one or more randomly generated digits which, when a predetermined mathematical operation is performed thereon and on at least one of the digits of the validation number, yields a derived balance number.
  • This derived balance number is used in the user's computer to encrypt a thumbprint of the computer characteristic including a preselected signature and a productprint.
  • the software decodes the thumbprint and productprint using a predetermined balance number. If the derived balance number is equal to the predetermined balance number, the program will execute. Otherwise, it will not execute.
  • Fig. 1 is a perspective view of a personal computer and a floppy disk within which is stored a computer program wherein the computer is to be authorized for use of the program therein in accordance with the present invention.
  • Fig. 2 is a generally diagrammatic view illustrating the hard disk drive therefor.
  • Fig. 3 is a generally diagrammatic view illustrating the software activation process which embodies the present invention.
  • Fig. 4 is a block diagram of the process.
  • Fig. 5 is a flow diagram therefor.
  • Fig. 6 is a flow diagram of a process for generating a validation number therefor.
  • Fig. 7 is a flow diagram of a process for generating from the validation number an activation number.
  • Fig. 8 is a flow diagram for execution of the software.
  • Fig. 9 is a flow diagram of the entering of the activation number by the user.
  • Fig. 10 is a flow diagram of generation of a thumbprint in the computer.
  • Fig. 11 is a diagrammatic view illustrating the thumbprint format in the computer.
  • Fig. 12 is a view similar to that of Fig. 11 illustrating the productprint format in the computer.
  • Fig. 13 is a diagrammatic view of the thumbprint/productprint areas illustrating scrambling of the thumbprint.
  • Fig. 14 is an enlarged view of the thumbprint area of Fig. 13.
  • Fig. 15 is a view similar to that of Fig. 3 illustrating an alternative embodiment to the present invention.
  • Fig. 16 is a flow diagram similar to that of Fig. 6 illustrating an alternative method of generating the validation number.
  • Fig. 17 is a flow diagram similar to that of Fig. 7 illustrating an alternative method of generating the activation number.
  • the personal computer 10 includes a standard keyboard 12, a standard cathode ray tube (CRT) or screen 14, and a pair of floppy disk drives 16.
  • the keyboard 12 is employed to facilitate communication between an individual user, illustrated at 40 in Fig. 3, and the computer 10 in a manner which is generally well known in the computer art.
  • the CRT 14 also functions in a manner well known in the computer art for displaying information inputted through the keyboard 12 as well as information outputted by the inner workings of the computer 10.
  • the disk drives 16 are employed in a manner well known in the computer art for receiving one or more floppy disks to facilitate the loading or entry of computer software or programs stored within a floppy disk into the computer 10.
  • a typical floppy disk 18 is illustrated in Fig. 1. As used herein, the terms,
  • program "computer program,” “software” and “software program” are interchangeably used to mean a series of instructions which are used to control the operation of computer hardware or other computer-based or process-based hardware.
  • the reference numeral 18 will be used herein to refer interchangeably to the floppy disk as well as the program contained thereon.
  • a personal computer 10 While in the present description of a preferred embodiment of the invention, a personal computer 10 is shown and described, it will be appreciated by those skilled in the art that the present invention may be employed in conjunction with any other type of computer, including standard computers such as a microcomputer, a mini-computer, a main-frame computer, a computer network, and/or special purpose computers. In addition, the present invention may be employed in connection with any other type of computer or processor-based hardware such as computer or processor controlled machinery or equipment.
  • computer network is meant a plurality of computers which communicate via a client server, peer-to-peer, or the like.
  • the computer program or software is illustrated as being stored within a floppy disk 18, it will be appreciated by those skilled in the art that the program or software could alternatively be stored in any other type of storage medium, for example, a different magnetic medium, such as a CD-ROM drive, a hard disk drive, magnetic tape, etc.; a semiconductor based storage medium, such as a random access memory (RAM) , a read only memory (ROM) , a programmable read only memory (PROM), etc.; or a nontraditional storage medium, such as a digital audio or video tape or disk or network of storage devices. Accordingly, it should be clearly understood that the present invention is not limited to the particular computer hardware 10 or storage medium 18 used to illustrate the preferred embodiment of the invention.
  • a fixed or hard disk drive for computer 10 which includes a multiplicity of platters 22 rotatable about a hub 24.
  • Each platter 22 contains a plurality of concentric circular tracks 26 each containing a plurality of sectors 28 used for storage of digital information.
  • the hard drive controller illustrated at 32, manages the space so that, as seen by the computer 10, there are on average typically 17 sectors 28 per track 26.
  • Each platter 22 is two-sided and has on each side a read/write head 30 which magnetically stores onto and reads digital information from the platter 22.
  • a cylinder 34 is a logical ordering so that the controller 32 can simultaneously write to both sides of each of a multiplicity of platters 22.
  • a purchaser 40 of a publisher's software package 18 wishes to use the software on the computer 10
  • the software requires that it first be authorized.
  • the software 18 is embedded with a program which prevents use of the software (or copies thereof) on a computer unless authorization is obtained for use on the particular computer.
  • a maximum number of concurrent users may be authorized for use of the software, as described hereinafter.
  • the program 18 encrypts from one or more computer characteristics, as indicated at 42, a first or validation number, as indicated at 44, which appears on the computer screen along with instructions for obtaining a second or activation number for inputting to the computer 10, as indicated at 46, for executing the software 18, as indicated at 48.
  • phones 52 and 54 respectively are used to orally communicate the validation number (and other information to be described hereinafter) over phone line 56 to the activation center operator 50 who then inputs via keyboard 58 the validation number to a second computer 60, which may be similar to computer 10 or another suitable conventional computer.
  • This number is then used by the program 63 in computer 60 to generate and encrypt an activation number, as indicated at 62.
  • the reference numeral 63 refers to a hard disk drive in computer 60 as well as a program stored thereon.
  • the activation number is generated to be related to the validation number so that a number, herein called a "derived balance number, " may be derived therefrom, as hereinafter discussed.
  • the activation number is then provided by the operator 50 to the user 40 over phone line 56, who then inputs it to computer 10 by means of keyboard 12.
  • the software program 18 then utilizes the validation and activation numbers, as indicated at 64, to obtain the derived balance number. If the validation and activation numbers have been correctly generated and inputted to the user's computer, the derived balance number will be equal to a predetermined balance number.
  • This derived balance number is then used to encrypt a thumbprint of the computer characteristics including a preselected signature (TP) and a productprint (PP) , as indicated at 65.
  • TP preselected signature
  • PP productprint
  • the program For the software to be executed, as indicated at 124, the program is loaded to the hard disk 20, as indicated at 120, and the thumbprint and productprint are decrypted using the predetermined balance number, as indicated at 67. It is envisioned that, with CD-ROM or some other medium, the software program may not be loaded to the hard disk. If the preselected signature is retrieved, the program 18 proceeds with execution of the software, as indicated at 48.
  • a "predetermined balance number” is a number which is embedded in the software 18 or otherwise provided to decrypt the preselected signature
  • a "derived balance number” is a number which is derived mathematically from the validation and activation numbers for encrypting the signature.
  • a "signature” or "preselected signature” is information in the form of a preselected set of digits or characters which the software 18 is programmed to recognize or locate upon use of a decryption process using the predetermined balance number in order that the software be authorized for use.
  • the signature will be correctly encrypted and can as a result be decrypted by the predetermined balance number to yield the preselected signature whereby the program may be executed. Otherwise, the preselected signature cannot be found and the program will not execute.
  • modems 53 and 55 may be provided for computers 10 and 60 respectively for transmitting and receiving the needed information.
  • Fig. 5 illustrates in greater detail at 65 the process for activation of the software 18.
  • the user 40 begins the process by inserting the diskette or CD-ROM or the like containing the software 18 in the respective drive 16.
  • the user may have previously down-loaded (by modem) an embedded software package from a computer bulletin board service or other electronic distribution service.
  • the software will be residing on the hard disk drive, awaiting activation.
  • the user selects the "activate" or "install” option.
  • the software application code checks for previous activation of this software package 18 on this particular computer system 10, i.e., is there a valid thumbprint/productprint (TP/PP) for this product.
  • TP/PP thumbprint/productprint
  • the program may proceed with installation or re-installation of the software 18 without a call to the activation center. If "no,” a first screen appears which greets the user 40 in the publisher's name and prompts the user to exit or to proceed with software activation.
  • the application code reads the system characteristics, which will be discussed hereinafter, and a second screen appears showing the publisher's name, product and version, customer identification, and product identification. The user is then requested to enter the publisher's product serial number after which it is validated for transcription errors. The user is requested to have basic demographic information available before making a "1-800,” “1-900,” “DDD, " or the like telephone call to the activation center 61 and is then requested to call the activation center 61.
  • the operator 50 requests the customer's identification number, the product identification number, and published product serial number and displays the customer screen. The operator then receives and enters this information in the activation center computer 60. The last two digits of each of these numbers are check digits, determined in accordance with principles commonly known in the art to which this invention pertains, by means of which the program 63 checks whether the numbers are valid numbers. The operator may then receive and enter demographic information from a new customer or updated demographic information from an existing customer. The program 18 then proceeds to generate from the system characteristics a validation number which then appears on the screen.
  • the operator 50 requests and enters the validation number in the activation center computer 60, and the program 63 in the activation center computer proceeds to generate an activation number, as described hereinafter.
  • This activation number is then relayed by phone from the operator 50 to the user 40, who then enters the information in computer 10. As previously discussed, this information may alternatively be transmitted back and forth by modem-to-modem communication.
  • the program 18 After deriving the balance number, the program 18 then "writes" the product identification, the computer characteristics, and the preselected signature in the form of a thumbprint/productprint (TP/PP) encrypted by the derived balance number, as described hereinafter, to the hard disk drive 20.
  • TP/PP thumbprint/productprint
  • the TP/PP will be encrypted and written using a different number, and the preselected signature will not be found when subsequently applying the decryption process using the predetermined balance number.
  • future efforts to execute previously authorized computer programs on this computer system will be unsuccessful.
  • the screen will then prompt the user to proceed with installation of the computer program or to exit. If the user selects "proceed", the publisher package installation proceeds, and, when complete, the user system returns to the operating system prompt.
  • the system characteristics on which the validation number is based have a tendency to change over time or are not sufficiently unique, as are the characteristics disclosed in the Durst, Jr. et al patent, then authorization of a computer may be unreliable in that the authorization may be lost if the characteristics change or the software may not reliably be prevented from use on an unauthorized computer system.
  • the characteristics of the computer system on which the validation number is based are chosen to be unique and unchanging so that subsequent program execution on the same computer system is seamless yet attempts to execute the program on a different computer system will result reliably in the program being prevented from executing without a further authorization from the activation center.
  • a suitable set of computer characteristics which are available on standard industry hardware by accessing various interrupts and direct read functions in "C" language, using principles commonly known to those of ordinary skill in the art to which this invention pertains, are the serial number of the hard disk 20 (20 bytes), the BIOS data from ROM (read only memory), i.e., the date (MM/DD/YY) the system board for computer 10 was manufactured (8 bytes) , and disk information consisting of the number of sectors 28 per track 26 (1 byte) , the number of heads 30 (1 byte) , and the number of cylinders 34 (2 bytes) .
  • the set of characteristics may be less than the above as long as the desired uniqueness is obtained.
  • the serial number of the hard disk 20, which includes a unique manufacturer identification number may be sufficient.
  • the combination of the BIOS data and the hard disk information may be sufficient.
  • these 32 bytes of information are reduced to 4 internal random bytes (for example, A * !0), as indicated at 72, by the conventional technique of a recursive modulus 256 check-sum procedure, a technique commonly known to those of ordinary skill in the art to which this invention pertains.
  • Each of the four bytes correspond to numbers between 0 and 255, for example, 61, 128, 85, 40.
  • the reduction in the number of bytes is primarily to reduce the volume of information to be transmitted over the phone by the user and operator. However, with modem-to-modem communication, as previously discussed relative to Fig. 15, it may be unnecessary to reduce the 32 bytes to 4 since convenience of the user and operation would no longer be a consideration.
  • check digits D 3 , D 4 , and D 5 may be calculated similarly with "shifting to the right" occurring for each check digit. As illustrated at 76, these check digits are placed in an intermediate storage buffer to await the generation of 5 random digits, as hereinafter discussed.
  • the program 18 generates the 5 random digits R, to R 5 .
  • these random digits Rj to R 5 are added respectively to the check digits O, to D 5 ( and any resulting digit in the 10s column dropped) to obtain a set of digits Cj to C 5 .
  • the digits C x to C 5 and the random digits Rj to R 5 are assembled as Rj... R 5 , Ci... C 5 , i.e. ,
  • C 6 is calculated by summing the products of the 10 digits and 2, 3, 4, 5, 6, 7, 8, 9, 2, 3 respectively and dividing by 10, the remainder being C 6 which, in this example, is 6, as follows:
  • check digit C 7 8
  • the resulting pseudo-random validation number generated by the program 18 in the user's computer 10 comprises digits which are meaningless to the user and have no meaning relative to the computer characteristics, except that the computer characteristics can be derived therefrom by means of a program which traces backwardly the validation code to the original 32 bytes. Since the process is pseudo ⁇ random, the derivation of such a program by a hacker is not envisioned.
  • the activation computer 60 can confirm that the validation number provided by the user 40 is a correct and not a fabricated or incorrectly given validation number.
  • Fig. 16 there is illustrated an alternative method of generating the validation number which allows the authenticity of the customer and product identification and the product serial no. to be checked for relational correctness and whether the information given over the phone corresponds to what is entered in the computer 10. Often, the product identification and product serial numbers are within a range of numbers, permitting a further check on their correctness.
  • the customer and product identification numbers, the publisher's serial number, and the preliminary validation number are first assembled into a number (customer ID....C 7 ), the preliminary validation number in this embodiment being defined to be the same as the 12-digit validation number previously discussed.
  • This assembled number is then used to generate from all of the bytes thereof two check digits C 8 and C 9 , as indicated at 202, in a manner as previously discussed for generation of check digits.
  • the resulting number with these check digits appended (customer ID....C 9 ) is then summed. Two more check digits C 10 and C n are then generated based on the sum, as indicated at 206, again using similar principles for check digit generation.
  • the check digits C 8 , C 9 , C 10 , and C ⁇ are appended to the preliminary validation number to obtain a final validation number (R ⁇ ...R 5; C 1 . . . . C ) , as indicated at 208.
  • the check digits C 8 to C ⁇ will be used to determine if the information given by the user checks, i.e., the activation center will double-check to determine if the user really gave the correct information.
  • validation number will refer in this specification to the 12-digit validation number but may refer in the claims to either validation number or another suitable validation number.
  • Fig. 7 there is indicated the process of generation of the nine digit activation number A j to Ag by program 63 in the remote activation computer 60.
  • the check digits C 6 and C 7 are re- calculated and compared with the corresponding digits in the validation number as supplied over the phone by the user to confirm the validation number as a correct one which has not been fabricated or incorrectly given by the user.
  • the sum of the digits of the validation number is calculated, this sum being a number which is defined herein as "Balance 1."
  • Balance 1 may be obtained from the validation number by any other suitable mathematical process.
  • digits Aj, A 6 , and A 7 are calculated from the validation number as follows.
  • a 2 is set equal to the unit's value of balance 1, and
  • a ⁇ is set equal to the ten's value thereof.
  • three random digits a, b, and c are generated by the program 63.
  • a number d is calculated as a(b)+c, as indicated at 98.
  • d is subtracted from Balance 1, giving e. Otherwise, d is added to Balance 1, giving e.
  • a new set of 3 random digits is generated and steps 96, 98, and 100 re-applied until a set of 3 digits a, b, and c is randomly selected such that e is equal to the predetermined balance number.
  • the predetermined balance number be a prime number such as, in the example, 5, since a factorable number is weak mathematically so that the code may be more easily cracked. More preferably, the prime number is a higher number such as a 2, 3, or 4 digit prime number since more digits of information are involved, making any effort to determine the predetermined balance number even more difficult.
  • a random set of values for a, b, and c may be 7, 8, and 1 respectively whereby A, , A 3 , and j are 8, 7, and 1 respectively.
  • check digits A 8 and AT are calculated for the activation number, as indicated at 114, except the multipliers of A, to A 7 and then A,_ to
  • a 8 6 as follows:
  • the activation number A, to Ag is assembled and displayed on the screen to the operator 50, as follows:
  • This number is delivered over the phone, by modem, or otherwise to the user for inputting to computer 10.
  • FIG. 17 there is illustrated an alternative method of generating the activation number, which allows a greater check on the authenticity of the digits thereof.
  • this assembled number is then used to generate from all of the bytes thereof two check digits A 10 and A ⁇ , as indicated at 250, in a manner as previously discussed for generation of check digits.
  • the resulting number with these check digits appended ( j.-.-An) is then summed.
  • Two more check digits A n and A 13 are then generated based on the sum, as indicated at 254, again using similar principles for check digit generation.
  • the check digits A 10 , A ⁇ , A 12 , and A 13 are appended to the preliminary activation number to obtain a final activation number, as indicated at 256.
  • the program will utilize these additional check digits to determine if the activation number is a correctly generated number.
  • the term "activation number" will refer in this specification to the nine- digit activation number but may refer in the claims to either activation number or another suitable activation number.
  • the resulting pseudo-random activation number generated by the program 63 in the remote computer 60 comprises digits which are meaningless to the user and have no meaning relative to the validation number, which is also meaningless to the user.
  • the TP/PP cannot thereafter be decrypted to retrieve the preselected signature for execution of the software unless the random digits were also selected to give a derived balance number which is the same as the predetermined balance number.
  • the activation number is given over the phone, modem, or the like to the user 40 and inputted to the computer 10 being authorized.
  • the program 18 then generates a derived balance number and causes the customer and product identification, computer system unique characteristics, and the preselected signature to be written on the hard disk drive 20 as the thumbprint/productprint (TP/PP) , encrypted by use of the derived balance number, as described hereinafter, preferably in several locations to facilitate data integrity/recovery across all operating systems, i.e., DOS, Windows, OS/2, and the like: (1) one or more locations in the root of the hard disk drive 20, i.e.
  • non-hidden files is meant that there is no directory in the system which indicates their existence.
  • the information is also written to several different locations as a back-up, i.e., in case it gets inadvertently deleted at one or more locations.
  • the user "runs” the software, as indicated at 120, and the "executable" code portion thereof checks for whether a valid thumbprint/productprint (TP/PP) exists on the hard disk drive 20, as indicated at 122. If a valid TP/PP has been written to the hard disk drive 20, the software executes, as indicated at 124.
  • a wrapper in each software package may have several "enabling" function calls to the embedded, encrypted "code.” However, if a valid TP/PP does not exist, then the software causes the computer screen to display a message prompting the user to insert the activation/installation diskette, CD ROM, or the like medium in order to activate, as indicated at 126.
  • the derived balance number is equal to the sum of Balance 1 and Balance 2, as indicated at 148.
  • the derived balance number is used to encrypt and write to the hard disk drive 20 the thumbprint in a thumbprint format, indicated at 209 in Fig. 11, and the productprint (containing the publisher's product identification number in a productprint format) , illustrated at 221 in Fig. 12, contained within a cluster of perhaps 4 sectors 28 (2048 bytes), as seen in Fig. 13.
  • the thumbprint 150 is contained within one of the sectors (512 bytes) .
  • the program first checks for whether a thumbprint 150 exists. If it does, it is then updated for a new productprint, as indicated at 161, and a random number generator is run to determine randomly a "pointer" start position, as indicated at 163. If it doesn't, a thumbprint 150 must be generated. This is done by running a unique random number generator for the "pointer" portion 154 (right side 256 bytes) of the thumbprint area 150, as indicated at 162, running a non-unique random number generator for the "data" portion (left side 256 bytes) of the thumbprint area 150 and the 3 sectors for productprints, as indicated at 164, and running a random number generator to determine randomly a "pointer" start position, as indicated at 166.
  • the thumbprint is assembled in the area 150 in a format, indicated at 209, of perhaps 35 bytes including (1) the authorizer's signature (16 bytes), illustrated at 226, (2) the customer identification number (4 bytes) , illustrated at 210, (3) the number of products for this customer number (2 bytes, based on how many productprints have been written), illustrated at 212, (4) a productprint encryption key (2 bytes, a random number used to encrypt the productprint by a suitable conventional process) , illustrated at 214, (5) the 4-byte internal machine characteristic data, illustrated at 216, (6) four pointers (1 byte each), illustrated at 218, used for recovery of the TP/PP in track zero since they identify 4 particular sectors previously allocated by the operating system therefor, and (6) a check sum (3 bytes), i.e., which is derived by the modulus 256 process as previously discussed, illustrated at 220.
  • the productprint, encrypted by encryption key 214 and then XOR'd to reverse bits in accordance with principles commonly known to those of ordinary skill in the art to which this invention pertains, is assembled in the area 152 in a format, illustrated at 221, of perhaps 11 bytes including (1) product identification (2 bytes) , illustrated at 222, (2) "try & buy” indicators (3 bytes), illustrated at 223, (3) network indicators (3 bytes), illustrated at 224, and (4) a check sum (3 bytes), illustrated at 225.
  • the "try & buy” and “network” indicators 223 and 224 respectively will be discussed hereinafter. It should be understood that these indicators 223 and 224 are optional and need not be provided if the software package is not to have these features.
  • Character 6 in the "network” indicator 224 is a "type of network” designator, i.e., perhaps using the characters “N” for Novell, “B” for Banyan, “W” for Windows, “L” for Lantastic, and "A” for “not applicable.”
  • Characters 7 and 8 contain the maximum number of users allowed concurrently. If character 6 is "A” or another character indicating that the software contains no provision for network use, then characters 7 and 8 are random digits.
  • the thumbprint 209 also contains the preselected signature (16 bytes) , illustrated at 226, which is a set of characters which are the same for each item of software 18.
  • the preselected signature 226 may be determined randomly or in any other suitable way. For example, the signature may be generated by beginning with 28 and adding 91 (if the sum is greater than 255, then 255 is subtracted to get the number) until the 16 characters are generated. It is this signature which must be retrieved by the program 18 before execution of the software is permitted.
  • the numbers generated in the pointer portion 154 of 256 bytes are random and unique, i.e., each number appears only once.
  • the first 6 bytes randomly contain unique numbers 56, 1, 14, 255, 48, and 4.
  • a start-point byte is randomly selected, for example, at the third byte, indicated at 158, containing the number 14.
  • the 35 (or more) bytes of the thumbprint 209 are scrambled or randomly scattered in the "data" portion 156 as controlled by the "pointer" portion 154.
  • the start-point byte 158 determines the byte- position of the first byte of the thumbprint, i.e., byte number 14 in the "data" portion.
  • the next pointer byte containing number 255 determines the byte-position of the second byte of the thumbprint, i.e., data portion byte number 255.
  • the locations of the remaining thumbprint bytes are determined similarly, and the remaining or unused bytes in the "data" portion retain their randomly-generated numbers.
  • the program 18 proceeds to decompose the validation and activation numbers and obtain a derived balance number, as previously discussed relative to Fig. 9, which is used to encrypt the TP/PP, as illustrated at 174, by any suitable encryption method.
  • each encrypted byte may be used to encrypt the next byte in a ripple effect.
  • the productprint data is assembled, as indicated at 170.
  • New check sums are calculated and stored for the TP, PP, and cluster, as indicated at 172, followed by encrypting the PP with the randomly generated number in the TP (then XOR'd) and the TP/PP with the derived balance number, as indicated at 174. It is this encrypted TP/PP which is then written to the hard disk drive 20, as indicated at 176.
  • the program effects decryption using the predetermined balance number. If the predetermined balance number is the same as the derived balance number (meaning that the validation and activation number set was correctly decomposable to yield a derived balance number which is equal to the predetermined balance number) , then the preselected signature 226 as well as the remainder of the TP/PP will be retrieved. If the derived balance number is not the same as the predetermined balance number, the decryption will not yield the preselected signature 226, and the program 18 will not be executed. To throw a hacker further off guard, the application software is preferably decrypted and re-encrypted on the fly, i.e., as it is being run.
  • the predetermined balance number is suitably encrypted in object code which is given to the publisher to embed in the program 18, using principles commonly known to those of ordinary skill in the art to which this invention pertains.
  • a The publisher may not therefore know the balance number.
  • a series of confusing processes are used, in accordance with principles commonly known to those of ordinary skill in the art to which this invention pertains, to deny access to the predetermined balance number to the user or a hacker.
  • the software 18 is preferably programmed to allow activation then shut down (or provide a "nagging” message periodically) after a number of uses and/or number of days, as specified in the productprint 223.
  • the publisher selects the "nag" or "shutdown” version prior to package embedding.
  • character 3 of the "try & buy” indicator 223 is an indication of whether or not the activated package has been purchased. If it has, character 3 may, for example, be a "P" for "purchased.” If it is in "try” mode, character 3 may be a character which indicates either "nag” (continue to operate when the specified number of units of time and “tries” have been used, but a reminder message on a regular basis) or "no nag” (shut down when the specified number of units of time or “tries” have been used) . Character 3 also specifies the unit of time, i.e., seconds, minutes, hours, days, or months. Character 4 indicates the number of units of time allowed, and character 5 indicates the number of tries allowed. If character 3 contains a "P, " then characters 4 and 5 are random characters. When the user purchases the software, character 3 is changed to the "buy” character.
  • D 5 is selected to provide information relative to which of these features is to be implemented to be passed from the user 40 to the operator 50 (or between the respective computers) encoded within the digit D 5 .
  • the software 18 is programmed to check for the "network” and "try & buy” states and select a digit D 5 indicative thereof.
  • the possible states for each feature are “yes” and “no.” If the feature is not included as an option for the type of software, it is "inactive.”
  • the digit D 5 may be selected as follows:
  • D 5 in this embodiment would not be a check digit but would be a digit selected to represent the "network” and "try & buy” states.
  • the computer 60 is programmed to update its information database 63 appropriately to reflect the user's "network” and/or "try & buy” implementation.
  • the pseudo-random encrypting of the validation and activation numbers and the random scattering of the thumbprint/productprint information provides numbers which appear to be meaningless and would not be expected to be decoded by a hacker even by the sophisticated programs and techniques currently in use.
  • the maintenance of the program for generating the activation number at the activation center is inaccessible to the user and maintains secure that information which is needed to decode the activation number.
  • the process of the present invention therefore does not require hiding of codes within the software.
  • the unchanging and unique nature of the computer characteristics on which authorization is based allow the authorization process to be reliable, i.e., an authorization on one machine does not include others, and the user can be assured that the authorization will not be lost just because the computer characteristics may have changed since authorization.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé pour empêcher l'utilisation d'un logiciel sur un ordinateur non autorisé. Le logiciel est programmé pour coder et fournir à l'utilisateur un nombre de validation dérivé des informations reçues par le logiciel depuis l'ordinateur, concernant une ou plusieurs caractéristiques de l'ordinateur assurant une identification permanente et univoque de l'ordinateur. Le vendeur du logiciel utilise un second ordinateur pour coder un nombre d'activation dérivé du nombre de validation et fourni à l'utilisateur pour l'entrer dans son ordinateur. Le nombre d'activation comporte un ou plusieurs chiffres générés de manière aléatoire. Lorsqu'on effectue une opération mathématique prédéterminée sur ce chiffre ou ces chiffres et sur au moins un des chiffres du nombre de validation, on obtient un nombre dérivé résiduel. Une signature présélectionnée et d'autres informations sont éparpillées d'une manière aléatoire parmi les bits produits de manière aléatoire en même temps que le nombre d'identification du produit pour constituer une empreinte digitale/empreinte produit qui est codée par le nombre résiduel dérivé par l'ordinateur de l'utilisateur à partir des nombres de validation et d'activation et qui se trouve dans l'unité de disque dur de l'ordinateur de l'utilisateur. Le logiciel peut être utilisé dans l'ordinateur de l'utilisateur si on récupère la signature présélectionnée après que le nombre résiduel prédéterminé a été appliqué pour décoder les informations comprenant la signature présélectionnée.
PCT/CA1995/000354 1994-06-17 1995-06-16 Procede pour empecher l'utilisation d'un logiciel sur un ordinateur non autorise WO1995035533A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU26665/95A AU2666595A (en) 1994-06-17 1995-06-16 Method for preventing use of software on an unauthorized computer

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US26149694A 1994-06-17 1994-06-17
US08/261,496 1994-06-17

Publications (1)

Publication Number Publication Date
WO1995035533A1 true WO1995035533A1 (fr) 1995-12-28

Family

ID=22993565

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA1995/000354 WO1995035533A1 (fr) 1994-06-17 1995-06-16 Procede pour empecher l'utilisation d'un logiciel sur un ordinateur non autorise

Country Status (2)

Country Link
AU (1) AU2666595A (fr)
WO (1) WO1995035533A1 (fr)

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0901123A1 (fr) * 1997-09-05 1999-03-10 Wea Manufacturing Inc. Méthode de protection basé sur une clé pour disque lisible par vie optique
WO1999026123A1 (fr) * 1997-11-18 1999-05-27 Christopher Benjamin Wakely Perfectionnements apportes a des systemes de protection de logiciel
WO2000029928A1 (fr) * 1998-11-13 2000-05-25 Iomega Corporation Systeme de codage de donnees electroniques protegees sur un support specifique utilisant un code compose pour empecher le piratage
EP1018237A1 (fr) * 1997-09-23 2000-07-12 Aegisoft Corporation Procede et systeme de transformation dynamique de materiel chiffre
WO2001004730A1 (fr) * 1999-07-13 2001-01-18 Infinia Ip Ltd Identification d'ordinateurs
WO2001084283A2 (fr) * 2000-04-28 2001-11-08 Moldflow Corporation Systeme et procede de logiciel d'application interruptible de reseau
EP1195761A3 (fr) * 2000-09-01 2002-04-17 Oleg Saliahov Méthode et appareil d'authentification de disque optique
US6406336B1 (en) 1998-01-20 2002-06-18 Fci Americas Technology, Inc. Contact with anti-skiving feature
EP1274000A1 (fr) * 2001-01-31 2003-01-08 Sony Computer Entertainment Inc. Systeme informatique permettant l'authentification d'un support d'enregistrement et utilisation de ce systeme
EP1276295A2 (fr) * 2001-07-13 2003-01-15 Samsung Electronics Co., Ltd. Système de téléchargement de contenu
US7039188B2 (en) 2001-08-31 2006-05-02 Oleg Saliahov Optical disc authentication method and apparatus
US7246246B2 (en) 1998-04-17 2007-07-17 Iomega Corporation System for keying protected electronic data to particular media to prevent unauthorized copying using a compound key
WO2007088384A1 (fr) * 2006-02-03 2007-08-09 British Telecommunications Public Limited Company Authentification de produits logiciels
US20090150674A1 (en) * 2007-12-05 2009-06-11 Uniloc Corporation System and Method for Device Bound Public Key Infrastructure
US7908662B2 (en) 2007-06-21 2011-03-15 Uniloc U.S.A., Inc. System and method for auditing software usage
US8087092B2 (en) 2005-09-02 2011-12-27 Uniloc Usa, Inc. Method and apparatus for detection of tampering attacks
US8160962B2 (en) 2007-09-20 2012-04-17 Uniloc Luxembourg S.A. Installing protected software product using unprotected installation image
US8239852B2 (en) 2009-06-24 2012-08-07 Uniloc Luxembourg S.A. Remote update of computers based on physical device recognition
US8284929B2 (en) 2006-09-14 2012-10-09 Uniloc Luxembourg S.A. System of dependant keys across multiple pieces of related scrambled information
US8374968B2 (en) 2008-02-22 2013-02-12 Uniloc Luxembourg S.A. License auditing for distributed applications
US8838976B2 (en) 2009-02-10 2014-09-16 Uniloc Luxembourg S.A. Web content access using a client device identifier
US8903653B2 (en) 2009-06-23 2014-12-02 Uniloc Luxembourg S.A. System and method for locating network nodes
US9047458B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Network access protection
US9047450B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Identification of embedded system devices
US9075958B2 (en) 2009-06-24 2015-07-07 Uniloc Luxembourg S.A. Use of fingerprint with an on-line or networked auction
US9082128B2 (en) 2009-10-19 2015-07-14 Uniloc Luxembourg S.A. System and method for tracking and scoring user activities
US9129097B2 (en) 2009-06-24 2015-09-08 Uniloc Luxembourg S.A. Systems and methods for auditing software usage using a covert key
US9141489B2 (en) 2009-07-09 2015-09-22 Uniloc Luxembourg S.A. Failover procedure for server system
US9633183B2 (en) 2009-06-19 2017-04-25 Uniloc Luxembourg S.A. Modular software protection
US9935847B2 (en) 2014-08-20 2018-04-03 Jamf Software, Llc Dynamic grouping of managed devices
US9998914B2 (en) 2014-04-16 2018-06-12 Jamf Software, Llc Using a mobile device to restrict focus and perform operations at another mobile device
US10068282B2 (en) 2009-06-24 2018-09-04 Uniloc 2017 Llc System and method for preventing multiple online purchases
US10432609B2 (en) 2011-01-14 2019-10-01 Device Authority Ltd. Device-bound certificate authentication
CN110825639A (zh) * 2019-11-08 2020-02-21 西安雷风电子科技有限公司 一种防篡改时间的软件License验证方法
US11392716B2 (en) 2017-05-12 2022-07-19 Jamf Software, Llc Mobile device management at a healthcare facility

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4796220A (en) * 1986-12-15 1989-01-03 Pride Software Development Corp. Method of controlling the copying of software
US5023907A (en) * 1988-09-30 1991-06-11 Apollo Computer, Inc. Network license server
WO1994007204A1 (fr) * 1992-09-21 1994-03-31 Uniloc (Singapore) Private Limited Systeme de logiciel de reservation
US5337357A (en) * 1993-06-17 1994-08-09 Software Security, Inc. Method of software distribution protection

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4796220A (en) * 1986-12-15 1989-01-03 Pride Software Development Corp. Method of controlling the copying of software
US5023907A (en) * 1988-09-30 1991-06-11 Apollo Computer, Inc. Network license server
WO1994007204A1 (fr) * 1992-09-21 1994-03-31 Uniloc (Singapore) Private Limited Systeme de logiciel de reservation
US5337357A (en) * 1993-06-17 1994-08-09 Software Security, Inc. Method of software distribution protection

Cited By (52)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6161179A (en) * 1997-09-05 2000-12-12 Wea Manufacturing, Inc. Key-based protection method for light-readable discs
EP0901123A1 (fr) * 1997-09-05 1999-03-10 Wea Manufacturing Inc. Méthode de protection basé sur une clé pour disque lisible par vie optique
KR100611569B1 (ko) * 1997-09-05 2007-06-07 웨아 매뉴팩츄어링 인코오포레이티드 광판독식디스크의키에의한보호방법
EP1018237A4 (fr) * 1997-09-23 2004-09-15 Aegisoft Corp Procede et systeme de transformation dynamique de materiel chiffre
EP1018237A1 (fr) * 1997-09-23 2000-07-12 Aegisoft Corporation Procede et systeme de transformation dynamique de materiel chiffre
WO1999026123A1 (fr) * 1997-11-18 1999-05-27 Christopher Benjamin Wakely Perfectionnements apportes a des systemes de protection de logiciel
US6406336B1 (en) 1998-01-20 2002-06-18 Fci Americas Technology, Inc. Contact with anti-skiving feature
US7246246B2 (en) 1998-04-17 2007-07-17 Iomega Corporation System for keying protected electronic data to particular media to prevent unauthorized copying using a compound key
WO2000029928A1 (fr) * 1998-11-13 2000-05-25 Iomega Corporation Systeme de codage de donnees electroniques protegees sur un support specifique utilisant un code compose pour empecher le piratage
WO2001004730A1 (fr) * 1999-07-13 2001-01-18 Infinia Ip Ltd Identification d'ordinateurs
US7032113B2 (en) 2000-04-28 2006-04-18 Moldflow Ireland, Ltd. Network enabled application software system and method
WO2001084283A3 (fr) * 2000-04-28 2003-01-23 Moldflow Corp Systeme et procede de logiciel d'application interruptible de reseau
WO2001084283A2 (fr) * 2000-04-28 2001-11-08 Moldflow Corporation Systeme et procede de logiciel d'application interruptible de reseau
EP1195761A3 (fr) * 2000-09-01 2002-04-17 Oleg Saliahov Méthode et appareil d'authentification de disque optique
EP1274000A4 (fr) * 2001-01-31 2004-10-13 Sony Computer Entertainment Inc Systeme informatique permettant l'authentification d'un support d'enregistrement et utilisation de ce systeme
US7698733B2 (en) 2001-01-31 2010-04-13 Sony Computer Entertainment Inc. Computer system and usage method thereof
EP1274000A1 (fr) * 2001-01-31 2003-01-08 Sony Computer Entertainment Inc. Systeme informatique permettant l'authentification d'un support d'enregistrement et utilisation de ce systeme
EP1276295A2 (fr) * 2001-07-13 2003-01-15 Samsung Electronics Co., Ltd. Système de téléchargement de contenu
EP1276295A3 (fr) * 2001-07-13 2005-07-27 Samsung Electronics Co., Ltd. Système de téléchargement de contenu
US7039188B2 (en) 2001-08-31 2006-05-02 Oleg Saliahov Optical disc authentication method and apparatus
US8087092B2 (en) 2005-09-02 2011-12-27 Uniloc Usa, Inc. Method and apparatus for detection of tampering attacks
GB2447594B (en) * 2006-02-03 2011-04-06 British Telecomm Software product authentication
GB2447594A (en) * 2006-02-03 2008-09-17 British Telecomm Software product authentication
WO2007088384A1 (fr) * 2006-02-03 2007-08-09 British Telecommunications Public Limited Company Authentification de produits logiciels
US8284929B2 (en) 2006-09-14 2012-10-09 Uniloc Luxembourg S.A. System of dependant keys across multiple pieces of related scrambled information
US7908662B2 (en) 2007-06-21 2011-03-15 Uniloc U.S.A., Inc. System and method for auditing software usage
US8160962B2 (en) 2007-09-20 2012-04-17 Uniloc Luxembourg S.A. Installing protected software product using unprotected installation image
US8464059B2 (en) * 2007-12-05 2013-06-11 Netauthority, Inc. System and method for device bound public key infrastructure
US20090150674A1 (en) * 2007-12-05 2009-06-11 Uniloc Corporation System and Method for Device Bound Public Key Infrastructure
WO2009076232A1 (fr) * 2007-12-05 2009-06-18 Uniloc Corporation Système et procédé pour une infrastructure à clé publique liée à un dispositif
US8374968B2 (en) 2008-02-22 2013-02-12 Uniloc Luxembourg S.A. License auditing for distributed applications
US8838976B2 (en) 2009-02-10 2014-09-16 Uniloc Luxembourg S.A. Web content access using a client device identifier
US10489562B2 (en) 2009-06-19 2019-11-26 Uniloc 2017 Llc Modular software protection
US9633183B2 (en) 2009-06-19 2017-04-25 Uniloc Luxembourg S.A. Modular software protection
US9047458B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Network access protection
US9047450B2 (en) 2009-06-19 2015-06-02 Deviceauthority, Inc. Identification of embedded system devices
US8903653B2 (en) 2009-06-23 2014-12-02 Uniloc Luxembourg S.A. System and method for locating network nodes
US9075958B2 (en) 2009-06-24 2015-07-07 Uniloc Luxembourg S.A. Use of fingerprint with an on-line or networked auction
US10402893B2 (en) 2009-06-24 2019-09-03 Uniloc 2017 Llc System and method for preventing multiple online purchases
US8239852B2 (en) 2009-06-24 2012-08-07 Uniloc Luxembourg S.A. Remote update of computers based on physical device recognition
US9129097B2 (en) 2009-06-24 2015-09-08 Uniloc Luxembourg S.A. Systems and methods for auditing software usage using a covert key
US10068282B2 (en) 2009-06-24 2018-09-04 Uniloc 2017 Llc System and method for preventing multiple online purchases
US9141489B2 (en) 2009-07-09 2015-09-22 Uniloc Luxembourg S.A. Failover procedure for server system
US9082128B2 (en) 2009-10-19 2015-07-14 Uniloc Luxembourg S.A. System and method for tracking and scoring user activities
US10432609B2 (en) 2011-01-14 2019-10-01 Device Authority Ltd. Device-bound certificate authentication
US10484867B2 (en) 2014-04-16 2019-11-19 Jamf Software, Llc Device management based on wireless beacons
US10313874B2 (en) 2014-04-16 2019-06-04 Jamf Software, Llc Device management based on wireless beacons
US9998914B2 (en) 2014-04-16 2018-06-12 Jamf Software, Llc Using a mobile device to restrict focus and perform operations at another mobile device
US9935847B2 (en) 2014-08-20 2018-04-03 Jamf Software, Llc Dynamic grouping of managed devices
US11392716B2 (en) 2017-05-12 2022-07-19 Jamf Software, Llc Mobile device management at a healthcare facility
CN110825639A (zh) * 2019-11-08 2020-02-21 西安雷风电子科技有限公司 一种防篡改时间的软件License验证方法
CN110825639B (zh) * 2019-11-08 2023-01-31 西安雷风电子科技有限公司 一种防篡改时间的软件License验证方法

Also Published As

Publication number Publication date
AU2666595A (en) 1996-01-15

Similar Documents

Publication Publication Date Title
WO1995035533A1 (fr) Procede pour empecher l'utilisation d'un logiciel sur un ordinateur non autorise
US6889209B1 (en) Method and apparatus for protecting information and privacy
US6006190A (en) Computer implemented method and a computer system for enforcing software licenses
US6868495B1 (en) One-time pad Encryption key Distribution
KR100240324B1 (ko) 실시권자 통지 시스템
EP0768601B1 (fr) Dispositif pour l'execution d'un programme chiffre
US5047928A (en) Billing system for computer software
US4796181A (en) Billing system for computer software
US5490216A (en) System for software registration
US6067622A (en) Software security system using remove function to restrict unauthorized duplicating and installation of an application program
White ABYSS: ATrusted Architecture for Software Protection
US5155680A (en) Billing system for computing software
US6857067B2 (en) System and method for preventing unauthorized access to electronic data
CA1292791C (fr) Dispositif incorpore a un ordinateur personnel pour proteger les logiciels
US20050265193A1 (en) Method and apparatus to inhibit copying from a record carrier
US6847948B1 (en) Method and apparatus for secure distribution of software/data
US20060112019A1 (en) System and method of authenticating licensed computer programs
GB2149944A (en) Software distribution
JP2000138664A (ja) 公開キ―暗号方式を利用したコンテンツの保護方法
CN101073235A (zh) 用于分发软件许可证的系统和方法
JPH0260009B2 (fr)
US6920563B2 (en) System and method to securely store information in a recoverable manner on an untrusted system
JPH07325712A (ja) プログラム不正コピー防止装置
EA006661B1 (ru) Способ и система защиты информации от несанкционированного использования
Suhler et al. Software Authorization Systems.

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AM AT AU BB BG BR BY CA CH CN CZ DE DK EE ES FI GB GE HU IS JP KE KG KP KR KZ LK LR LT LU LV MD MG MN MW MX NO NZ PL PT RO RU SD SE SG SI SK TJ TM TT UA UG UZ VN

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): KE MW SD SZ UG AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA

DPE2 Request for preliminary examination filed before expiration of 19th month from priority date (pct application filed from 20040101)