WO1999035582A1 - A computer software activation system and a method of authenticating computer software - Google Patents
- Publication number
- WO1999035582A1 (PCT/SG1998/000047)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computer
- software
- authentication
- authentication information
- authentication device
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
Definitions
- the invention relates to a computer software activation system and a method of authenticating computer software and in particular, to minimise the risk of software being illegally copied.
- the loss in revenue due to software piracy can run into millions or billions of dollars each year.
- a dongle is supplied with a software program and the software will only operate on a given computer if the corresponding dongle is simultaneously coupled to the computer while the software is running. If the correct dongle is not coupled to the computer, the software will not run on the computer.
- the dongle operates by storing a unique password and a routine in the software is initiated randomly to access the dongle for the password. If the dongle is not attached to the computer, the routine in the software will fail to retrieve the password and the software will shut down by itself.
- dongles have a number of problems. For example, there is a trend for users to run more and more software simultaneously on a computer, and if one dongle is required for each piece of software, there may not be sufficient ports on the computer or sufficient space to have all the dongles installed simultaneously.
- this solution does not overcome the problem of software piracy by copying of CD-ROMs containing the software.
- a computer software activation system comprises an authentication device, a writing device for writing to the authentication device, the writing device being coupled to a first computer, the first computer controlling the writing device to write authentication information to the authentication device, the authentication information written to the authentication device permitting corresponding software to be activated on a second computer.
- An advantage of this aspect of the invention is that by providing an authentication device for the software the right of a user to run the software can be authenticated before or during activation of the software.
- a method of authenticating computer software comprises inserting an authentication device into an authentication device reader coupled to a computer on which the software is installed, the computer obtaining, in response to a request from the software for authentication information, from the authentication device reader, the authentication information from the authentication device prior to or during initialisation of the software, the computer supplying the authentication information to the software and the software confirming to the computer that the authentication information from the authentication device permits the software to be run on the computer.
- the computer in the second aspect of the invention is the second computer in the first aspect of the invention.
- the first computer may access a remote computer to obtain authentication information from the remote computer, which the first computer then writes to the authentication device via the writing device.
- connection between the first computer and the remote computer is a secure connection and information passed between the remote computer and the first computer may be encrypted.
- the authentication device may store authentication information relating to a number of different computer software programs.
- the authentication device contains a processor, and may be, for example, a device known as a "smart card" or a "Java card".
- the authentication information comprises a password.
- the software is encrypted and the authentication information may further comprise a decryption key to permit decryption of the software.
- the authentication information may comprise a portion of the software without which the software will not run.
- the software for use with the authentication device may be installed in the computer using any conventional memory device, such as a magnetic disk or CD-ROM.
- the software may be downloaded from a remote location, for example, via the Internet.
- the software may be located on a network server which is accessed by a user.
- Figure 1 is a schematic block diagram illustrating a system for initialising an authentication device
- Figure 2 is a schematic block diagram showing a system for using software in combination with the authentication device.
- FIG. 1 shows a computer 1 which is connected to a smart card reader/writer 2 via a connection 3.
- the computer 1 is also capable of accessing a remote computer 4 via a telecommunication link 5.
- Telecommunication link 5 may be a dedicated ISDN line or may include modems and a conventional telephone line. Alternatively, the telecommunication link 5 may be via the Internet.
- a software manufacturer would use the system by providing software on, for example, a CD-ROM.
- the software on the CD-ROM would be encrypted.
- the software is encrypted such that each CD-ROM requires a separate decryption key to decrypt the software on it.
- each CD-ROM produced by the software manufacturer is assigned a unique identification code.
- When a purchaser buys software on a CD-ROM from a retailer, the retailer must be licensed and registered with the software manufacturer. If the retailer is registered he will have been assigned a user-id and a secure password to access the remote computer 4 of the manufacturer where there is a registry.
- the purchaser must have in his possession an authentication device 8 such as a smart card or a Java card 8 (see Fig. 1) that has an indelible record of his identity (for example, similar to the Netrust card in Singapore). If he does not have one, the retailer may issue one to him.
- An advantage of using a smart card or Java card 8 is that, unlike a dongle, several passwords or decryption keys can be written into the card so that the PC can use several software programs simultaneously.
- the Java card has the advantage that data can be written into it by an ordinary PC, through an ordinary card reader, unlike an ordinary smart card which requires special hardware to enable data to be written into it.
- the retailer will take out a copy of the CD-ROM software and load it on the computer 1. He will also take the smart card or Java card 8 from the purchaser and insert it into the card reader/writer 2. The computer 1 of the retailer can write into a smart card or a Java card 8 using the card reader/writer 2. The retailer then logs onto the remote computer 4. When the computer 1 is connected to the remote computer 4 and the authenticity of the retailer has been validated using the retailer's secure password, the retailer can access the registry on the remote computer 4. The remote computer 4 then sends a Java applet with a decryption key that will decrypt the software on the CD-ROM on the retailer's computer 1.
- a password that will enable the decrypted software to run, similar to the password in a dongle, as described above.
- the decryption key and the password are written into the smart card or the Java card 8 by the computer 1 using the card reader/writer 2. Having done this, the retailer gives the CD-ROM and smart card or Java card 8 to the purchaser.
- a record is made of the sale of the CD-ROM with its unique number against a unique identification of the purchaser. If another retailer or other person logs onto the remote computer 4 and asks to register the same CD-ROM, the remote computer 4 sends a message to warn the other retailer or person that the CD-ROM is pirated. Alternatively, there may be a genuine reason why the same CD-ROM needs to be re-registered. One reason could be that the purchaser has lost his smart card or Java card 8 or he wants to re-sell the software to another party.
- the manufacturer can have a policy with regard to multiple registrations of one CD-ROM. He can charge a price for it, as if he is re-selling the same software, or he can stipulate that the CD-ROM is destroyed and a new copy of the software on a new CD-ROM with a different registration be issued.
- the remote computer 4 where the registry is kept is highly secured with encryption and decryption of data transmission between the remote computer 4 and the retailer's computer 1 and protected by a fire wall.
- multiple sites may be provided, for example, on the Internet. These may be hosted by different Internet service providers. Concurrency of data is maintained across the sites by means of data mirroring and replication techniques. The sites can also serve as the platforms to transmit software to purchasers directly by means of electronic commerce.
- When the purchaser purchases the CD-ROM, he loads the software on the CD-ROM into his computer 10 (see Figure 2) and inserts the smart card or Java card 8 into a card reader 11.
- the encrypted program on the CD-ROM is copied from the CD-ROM onto a hard disk 13 of the computer 10 and the decryption key is retrieved from the smart card or Java card 8 via a central processing unit (CPU) 12.
- the decrypted executable program is then permanently stored on the hard disk 13.
- When the software is used with a Java card, as an added measure of security, the most essential part of the main executable program can be omitted from the CD-ROM.
- this critical part of the program can be downloaded from the remote computer 4, together with the decryption key and the password and stored on the Java card.
- the main executable program calls for this essential part to be retrieved from the Java card. This enhances the security of the system as the software will not run without the portion of the software stored on the Java card, as the main executable program is not complete.
- a user can have an authentication device 8 authenticated for specific software by an appropriate retailer. The purchaser may then use the authentication device 8 to download software from a remote computer 14 for example via the Internet 15, and install the software using the authentication device. If the authentication device 8 has not been correctly authenticated then the software will not install correctly on the user's computer 10.
- the authentication information for the software may be downloaded directly from the remote computer 14.
- the purchaser logs onto the remote computer 14 (for example via the Internet) and asks to purchase specific software.
- a Java applet from the remote computer 14 is sent to the purchaser's computer 10 to interrogate the Java card or smart card 8 for a unique identification and credit card number.
- the credit card account identification may be embedded in the PC through software supplied to the purchaser by the credit card issuer. This would be secure software, which the purchaser could not tamper with.
- the unique identification is authenticated against the credit card account identification in the purchaser's computer 10. After this is validated, a request is made to a credit card computer to make a deduction equivalent to the price of the software. If this is successful, a message is sent to the purchaser to confirm the transaction and be prepared to receive the software to be downloaded.
- the software is encrypted, and downloaded to the purchaser's computer 10. This is followed by the decryption key and the password which are written to the purchaser's Java card by the computer 10.
- a further example of the system is for supplying software for use on a network server.
- the retailer sells the network version of the software to the purchaser.
- the software is supplied encrypted with a fixed number of smart cards or Java cards 8 that contain the decryption key and password for the software.
- the sale is registered with the registry of the software manufacturer before the key and password are downloaded from the remote computer 4, as before.
- the number of smart cards or Java cards 8 is at least equal to the number of concurrent users licensed to use the network software.
- the buyer loads the software onto the network server and distributes the smart cards or Java cards to users of the software on the server.
- the encrypted copy is sent to the computer.
- With the decryption key and the password in the smart card or Java card 8, the user is able to use the software.
- Advantages of the invention are that it permits authentication information for a number of different software programs to be held on a single authentication device, and the software can not be used without the correct decryption key and the appropriate password. Hence, if a person only has a copy of the software and either no decryption key or the wrong password, the software will not operate. Hence, the invention reduces the likelihood of software being illegally copied, for example by making copies of a CD-ROM, as the CD-ROM is useless without the appropriate password and decryption key.
- a further advantage is that the user can use the software on any computer provided that the identification device is used in conjunction with the software. This enables a user to run the software on any computer but also has the advantage of ensuring that the software can only run on one computer at any one time, as the identification device is required to run the software.
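
The registration and activation steps described above, as an added Python example that is not code from the patent: a registry standing in for remote computer 4 validates the retailer, refuses a second registration of the same CD-ROM id unless the manufacturer's policy allows a re-issue, and writes a per-disc key and password to a card that can hold several titles. The names `Registry`, `AuthCard` and `activate`, the HMAC-SHA-256 derivation of per-disc secrets, the PBKDF2 retailer password check and the digest embedded in the software are all assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field


class DuplicateRegistration(Exception):
    """The CD-ROM id is already in the registry (possible pirated copy)."""


@dataclass
class AuthCard:
    """Stands in for smart card / Java card 8: one card, many titles."""
    holder_id: str
    entries: dict = field(default_factory=dict)  # title -> (key, password)


def _pw_hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Registry:
    """Stands in for the manufacturer's registry on remote computer 4."""

    def __init__(self, master_secret: bytes):
        self._master = master_secret
        self._retailers = {}  # user-id -> (salt, password hash)
        self.sales = {}       # CD-ROM id -> purchaser id

    def add_retailer(self, user_id: str, password: str, salt: bytes) -> None:
        self._retailers[user_id] = (salt, _pw_hash(password, salt))

    def _derive(self, label: str, cd_id: str) -> bytes:
        # Assumption: per-disc secrets are derived from one master secret.
        msg = f"{label}:{cd_id}".encode()
        return hmac.new(self._master, msg, hashlib.sha256).digest()

    def verifier_for(self, cd_id: str) -> bytes:
        """Digest of the disc's password, embedded in that disc's software."""
        return hashlib.sha256(self._derive("password", cd_id)).digest()

    def register(self, user_id, password, cd_id, title, card, allow_reissue=False):
        rec = self._retailers.get(user_id)
        if rec is None or not hmac.compare_digest(rec[1], _pw_hash(password, rec[0])):
            raise PermissionError("retailer not validated")
        # A second registration of one disc is refused unless policy allows it.
        if cd_id in self.sales and not allow_reissue:
            raise DuplicateRegistration(f"{cd_id} already sold to {self.sales[cd_id]}")
        self.sales[cd_id] = card.holder_id
        card.entries[title] = (self._derive("key", cd_id), self._derive("password", cd_id))


def activate(card: AuthCard, title: str, verifier: bytes):
    """On the purchaser's computer 10: return the decryption key, or None."""
    entry = card.entries.get(title)
    if entry is None:
        return None  # copied disc, no card entry: the software stays locked
    key, password = entry
    if hmac.compare_digest(hashlib.sha256(password).digest(), verifier):
        return key
    return None


if __name__ == "__main__":
    reg = Registry(b"constructed-master-secret")  # constructed sample data
    reg.add_retailer("shop-1", "retailer-pass", b"constructed-salt")
    card = AuthCard("purchaser-A")
    reg.register("shop-1", "retailer-pass", "CD-0001", "editor", card)
    print(activate(card, "editor", reg.verifier_for("CD-0001")) is not None)
```
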
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Technology Law (AREA)
- Multimedia (AREA)
- Remote Sensing (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Radar, Positioning & Navigation (AREA)
- Storage Device Security (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU82519/98A AU8251998A (en) | 1998-01-05 | 1998-06-19 | A computer software activation system and a method of authenticating computer software |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
SG9800028-4 | 1998-01-05 | ||
SG9800028 | 1998-01-05 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1999035582A1 (fr) | 1999-07-15 |
Family
ID=20429847
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/SG1998/000047 WO1999035582A1 (fr) | 1998-01-05 | 1998-06-19 | A computer software activation system and a method of authenticating computer software |
Country Status (2)
Country | Link |
---|---|
AU (1) | AU8251998A (fr) |
WO (1) | WO1999035582A1 (fr) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0191162A2 (fr) * | 1984-12-18 | 1986-08-20 | International Business Machines Corporation | Software protection method |
US5319705A (en) * | 1992-10-21 | 1994-06-07 | International Business Machines Corporation | Method and system for multimedia access control enablement |
US5416840A (en) * | 1993-07-06 | 1995-05-16 | Phoenix Technologies, Ltd. | Software catalog encoding method and system |
US5588146A (en) * | 1992-10-23 | 1996-12-24 | Gemplus Card International | Method for the acquisition of software and data-processing system to implement the method |
US5666411A (en) * | 1994-01-13 | 1997-09-09 | Mccarty; Johnnie C. | System for computer software protection |
EP0808048A2 (fr) * | 1996-05-15 | 1997-11-19 | AT&T Corp. | Access to a multimedia information service |
1998
- 1998-06-19 WO PCT/SG1998/000047 patent/WO1999035582A1/fr active Application Filing
- 1998-06-19 AU AU82519/98A patent/AU8251998A/en not_active Abandoned
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001009733A1 (fr) | 1999-07-30 | 2001-02-08 | Sims Bci, Inc. | Device capable of function updates and option card therefor |
EP1204926A4 (fr) * | 1999-07-30 | 2009-12-09 | Smiths Medical Pm Inc | Device capable of function updates and option card therefor |
FR2849230A1 (fr) * | 2002-12-24 | 2004-06-25 | Francois Bangui | Method and device for verifying the integrity of a software application without an encryption/decryption key |
WO2004059450A1 (fr) * | 2002-12-24 | 2004-07-15 | Enigma Systems Sarl | Method and device for verifying the integrity of a software application |
CN100520670C (zh) * | 2002-12-24 | 2009-07-29 | 英格玛系统有限责任公司 | Method and device for verifying the integrity of a software application |
US7739514B2 (en) | 2002-12-24 | 2010-06-15 | Enigma Systems | Software application integrity verification method and device |
Also Published As
Publication number | Publication date |
---|---|
AU8251998A (en) | 1999-07-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7134016B1 (en) | Software system with a biometric dongle function | |
US6134659A (en) | Controlled usage software | |
CA1292791C (fr) | Device incorporated in a personal computer for protecting software | |
US5375240A (en) | Information distribution system | |
US6411941B1 (en) | Method of restricting software operation within a license limitation | |
AU767286B2 (en) | Methods and apparatus for protecting information | |
US7962417B2 (en) | System and method for distributing protected information | |
US7747873B2 (en) | Method and apparatus for protecting information and privacy | |
EP0895148B1 (fr) | Software rental system and method for renting software | |
EP0909413B1 (fr) | Controlled distribution and use of software products | |
TW475103B (en) | Public cryptographic control unit and system therefor | |
EP0679977B1 (fr) | Method and apparatus enabling software trial and enabling distribution of software objects | |
US7209901B2 (en) | Method for selling, protecting, and redistributing digital goods | |
US20010037450A1 (en) | System and method for process protection | |
GB2149944A (en) | Software distribution | |
WO1996034334A1 (fr) | Device for executing an encrypted program | |
US8266710B2 (en) | Methods for preventing software piracy | |
US6665797B1 (en) | Protection of software again against unauthorized use | |
JP2002518727A (ja) | Method for controlling the execution of software products | |
US7831516B2 (en) | System and method for redistributing and licensing access to protected information among a plurality of devices | |
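WO1999035582A1 (fr) | A computer software activation system and a method of authenticating computer software | |
JP4784319B2 (ja) | Content usage rights management system, electronic ticket issuing system, and program | |
KR100423506B1 (ko) | Method for preventing illegal software copying online using a card with an embedded IC chip | |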
US20070219918A1 (en) | System and method for controlling access to protected information | |
JP3289656B2 (ja) | Program execution control method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| | AK | Designated states | Kind code of ref document: A1 Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW |
| | AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG |
| | DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | |
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| | NENP | Non-entry into the national phase | Ref country code: KR |
| | REG | Reference to national code | Ref country code: DE Ref legal event code: 8642 |
| | 122 | Ep: pct application non-entry in european phase | |
| | NENP | Non-entry into the national phase | Ref country code: CA |