CA2025434C - Method for protecting against the unauthorized use of software in a computer network environment - Google Patents
Method for protecting against the unauthorized use of software in a computer network environmentInfo
- Publication number
- CA2025434C CA2025434C CA002025434A CA2025434A CA2025434C CA 2025434 C CA2025434 C CA 2025434C CA 002025434 A CA002025434 A CA 002025434A CA 2025434 A CA2025434 A CA 2025434A CA 2025434 C CA2025434 C CA 2025434C
- Authority
- CA
- Canada
- Prior art keywords
- license
- token
- applications
- licensing
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title description 19
- 230000006870 function Effects 0.000 abstract description 17
- 238000012795 verification Methods 0.000 abstract description 5
- 239000003795 chemical substances by application Substances 0.000 description 30
- 239000011230 binding agent Substances 0.000 description 8
- 239000011800 void material Substances 0.000 description 8
- 238000004519 manufacturing process Methods 0.000 description 5
- 230000007246 mechanism Effects 0.000 description 5
- 238000012545 processing Methods 0.000 description 5
- 230000003068 static effect Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 3
- 230000001010 compromised effect Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 239000000126 substance Substances 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 241000408529 Libra Species 0.000 description 1
- 101100256976 Saccharomyces cerevisiae (strain ATCC 204508 / S288c) SIP3 gene Proteins 0.000 description 1
- 238000013459 approach Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 150000001768 cations Chemical class 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 230000003628 erosive effect Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000005055 memory storage Effects 0.000 description 1
- 230000003340 mental effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000012552 review Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/107—License processing; Key processing
- G06F21/1077—Recurrent authorisation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2101—Auditing as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2135—Metering
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/101—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management
Abstract
The present invention provides to the software application the verification and license check out functions which are normally performed by a license server. The encrypted license information is contained in a license token, and is stored in the database controlled by the license server. In contrast to the prior art where the license server either grants or denies the request after verifying the user's credentials, the license server in the preferred embodiment of the present invention finds the correct license token for the software application and transmits the license token to the licensing library.
The license access module attached to the application decodes the licensing token. Routines in the licensing library coupled to the software application verify the license information before checking out the license and updating the license token. The license access module then encodes the updated license token before returning it to the license server. Because the verification and check out function of a license token are performed by a software application, the software application rather than the license server becomes the point of attack by unauthorized users. Reverse engineering the license access module is less rewarding than attacking the license server because the license access module reveals the contents of a small fraction of a database of licenses.
The license access module attached to the application decodes the licensing token. Routines in the licensing library coupled to the software application verify the license information before checking out the license and updating the license token. The license access module then encodes the updated license token before returning it to the license server. Because the verification and check out function of a license token are performed by a software application, the software application rather than the license server becomes the point of attack by unauthorized users. Reverse engineering the license access module is less rewarding than attacking the license server because the license access module reveals the contents of a small fraction of a database of licenses.
Description
- 2~92$q34 BACKGROUND OF THF INVENTION
1. FIELD OF THE INVENTION
The present invention relates to a method for protecting against 5 tho unauthorized use of a software application in a computer network environment.
2. ART ~ACKGROUND
A computer network is typically an interconnection of machines or 10 agents over links or cables. The open access characteristics of a computer network presents opportunities for the unauthorized copying of software, thus eroding the licensing revenue potential of software developers. Traditionally, either the entire network must be licensed (commonly referred to as a site license), or each node where the software is run must be licensed (commonly 15 referred to as a node license). A node refers to a single machine, agent or system in a computer network. A license is an authorization given by a software developer to a customer to use a software application in a specific manner.
A site license lets all users at a designated location or network use the software application, regardless of their position on the network. This Slat-fee approach is an overkill for a low usage software application. A node licsnse not only ties a software application to a particular machine in a net~vork, but also is not cost effective for the infrequent use of a software ~rp"~ on. See, for example, U.S. Patent No. 4,688,169. Furthermore, if new users of licensed nodes wish to use the software ~PF' cation, they are often - required to purchase additional licenses.
An alternative to a si1e license or a node license is the concept of a concurrent usage license. A concurrent usage license restricts the number of users allowed to use a software application at any given time, regardless of their location on the network. Just as renters check out available copies of a ~,~
...... ~
movie video from a video rental store, users on a network check out a software application from an agent on a first-come-first-serve basis. Thus, a concurrent usage license charges a fee for the use of a software application proportional to its actual use.
Methods to license a software application for concurrent use in a network environment are currently offered by Highland Software, Inc. and Apollo Computer, inc. See, M. Olson and P. Levine, ~Concurrent Access Licensingn, Unix Review, September 1988, Vol. 6, No. 9. In general, the 10 license for a software application is stored in a database controlled by a license server. A license server is a program that not only stores the license, but also verifies the user's credentials before checking out the license to the authenticated user. To protect against the authorized use, these methods to license concurrent usage rely on secured communications such as 15 public/private key encryption. Under public/private key encryption, each userof the system has two keys, one of which is generally known to the public, and the other which is private. The private transformation using the private key is related to the public one using the public key but the private key cannot be computationally determined from the public key. See Denning, D., 20 Cryptography and Data Security, Addison-Wesley, 1982. The encryption key is hidden in the license server to encrypt the database of licenses. Well designed public/private key encryption schemes are difficult to crack, especially if the license server is located in a trusted environment. A trusted environment is one whose access is limited to users having the proper 25 credentials. However, a license server is more likely to be located at a customer's site and hence in an hostile environment. It follows that the licenseserver is vulnerable to sophisticated intruders. Once the private key is decrypted, all sensitive information on the license server such as licenses are compromised.
-It is therefore an object of the present invention to provide a more secure method to protect against the unauthorized use of software in a concurrent use licensing environment.
-- 3~
202~434 SUMMARY OF THE INVENTION
The present invention provides to the software application the v~rification and license check out functions which are normally performed by a 5 license server. The preferred embodiment of the present invention comprises a computer network including a plurality of agents running at least one license server and at least one software application. The license server controls a database of an agent containing the license information for the software application. The license information is contained in a license token, and is 10 stored in the database controlled by the license server. The license token is a special bit pattem or packet which is encrypted by the software vendor of the application software. The software application communicates with the license server through a licensing library. The licensing library is a collection of library routines that the software application invokes to request or renew a license 15 from the license server. Before a software application obtains a license, the acense token must be decoded by a license access module. The license access module, which is linked with the software application and the licensing libraly is a program that decodes the license token from a vendor specific format to a licensing library format.
When an user wishes to run a software application, the licensing library invokes a call to request a license token from the license server. In contrast to the prior art where the license seNer either grants or denies the request after verifying the user's credentials, the license seNer in the preferred embodiment 25 of the present invention finds the correct license token for the software app'ic-t on and transmits the license token to the licensing library. The license access module attached to the licensing libra~y decodes the licensing token. ~- -Routines in the licensing library coupled to the software application verify theGcense information before checking out the license and updating the license 30 token. The license access module encodes the updated license token before returning it to the license server.
....~, - ~
~ -:
-~o25434 Because the verification and check out function of a license token are performed by a software application, the software application rather than the license serve! becomes the point of attack by unauthorized users. Reverse engineering the license access module is less rewarding than attacking the 5 license server because the license access module reveals the contents of a fraction of a database of licenses. By the time most attackers crack the licenseaccess module, the software vendors would most likely introduce newer versions of the software application and new license access modules for them.
Thus the present invention provides a more secure method for protecting 10 against the unauthorized use of a software application in a computer network environment without modifying the underlying computer network.
BRIFF DESCRIPTION OF THF DRAWINGS
Figure 1 illustrates a network environment employing the present invention.
Figure 2 describes the architecture of a network licensing scheme employing the preferred embodiment of the present invention.
Figure 3 describes the installation of a license token in the preferred 10 embodiment of the present invention.
Figure 4a illustrates the use of a license token to request a license from a license server in the preferred embodiment of the present invention.
Figure 4b illustrates the use of a license token to renew a license from a license server in the preferred embodiment of the present invention.
Figure 4c illustrates the use of a license token to release a license from a license server in the preferred embodiment of the present invention.
NOTATION AND NOMENCLATURF
The detailed description that tollows is presented largely in terms ot algorithms and symbolic representations o~ operations on data bits and data 5 structures within a computer memory. These algorithmic descriptions and representations are the means used by thcse skilled in the data processing arts to most effeclively convey the substance of their work to others skilled in the art.
An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. These steps are those requiring physical manipulation of physical quantities. Usually, though not necessarily, these quantities take the form ot electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It proves 15 convenient at times, principally for reasons of common usage, to refer to these signals as bit patterns, values, elements, symbols, characters, data packages, or the like. It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities.
Further, the manipulations performed are often referred to in terms, such as adding or comparing, that are commonly associated with mental operations performed by a human operator. No such capability of a human operator is , .
necessary, or desirable in most cases, in any of the operations described 25 herein that ~orm part of the present invention; the operations are machine operations. Useful machines for performing the operations of the present invention include general purpose digital computers or other similar devices. Inall cases there should be borne in mind the distinction between the method of operations in operating a computer and the method of computation itselt. The 30 present invention relates to method steps for operating a computer in processing electrical or other (e.g. mechanical, chemical) physical signals to generate other desired physical signals.
LYH - 7 - ~2225 P109 .,,,., ~, ~,r.,~
: - ' s .. ~.
-The present invention also relates to an apparatus Sor performing these operations. This apparatus may be specially constructed for the required purposes, or it may comprise a general purpose computer as selectively 5 activated or reconfigured by a computer program stored in the computer. The algorithms presented herein are not inherently related to any particular computer or other apparatus. In particular, various general purpose machines may be used with programs written in accordance with the teachings herein, or it may prove more convenient to construct a more specialized apparatus to 10 perform the required method steps. The required structure for a variety of these machines wiil appear from the description given below.
DETAILED DESCRIPTION OF THF INVENTION
The following detailed description is divided into several sections. The first of these sections describes a general network environment for accessing a 5 database of licensed software programs. Subsequent sections discuss the details of a method for protecting against the unauthorized use ot a software application.
I. General Network Environment Referring to Figure 1, computer network environment comprises a plurality of data processing devices identified generally by numerals 10 through 10~ (illustrated as 10,10' and 10n). These data processing devices may include terminals, personal computers, workstations, minicomputer, 15 mainframes and even supercomputers. For the purposes of this Specification, all data processing devices which are coupled to the present invention's network are collectively referred to as ~agents~. It should be understood that the agents may be manufactured by different vendors and may also use different operating systems such as MS-DOS, UNIX, OS/2, MAC OS and 20 others. Particular examples of suitable agents include machines manu1actured by Sun Microsystems, Inc., Mountain View, Calif. Each of the agents has an input device such as a keyboard 11, 11' and 11~ or a mouse 12, 12' and 12n. As shown, agents 10 through 10~ (illustrated as 10,10' and 10n~ are interconnected for data transfer to one another by a common cable 13. It will be25 appreciated by one skilled in the art that the common cable 13 may comprise any shared media, such as coaxial cable, fiber optics, radio channel and the like. Furthermore, the network resulting from the interconnection of the cable 13 and agents 10 through 10n (illustrated as 10,10' and 10n) may assume a variety of topologies, such as ring, star, bus, and may also include a collection 30 of smal1er networks linked by gateways or bridges.
LYH - 9 - ~2225.P109 .': ,' ,~ .
-- 2~25434 Referring again to Figure 1 is a license service 14. The license service 14 is a resource shared by every agent connected to the network. In the preferred embodiment of the present invention, the license service 14 comprises license servers 15 through 15m (illustrated as 15,15' and 15m) and databases 17 through 17m (illustrated as 17,17' and 17m)~ where m is less than or equal to n. A license server is a program that runs on an agent with a memory storage capability. Each license server 15 (illustrated as 15,15' and 15m) communicates with a database 17 stored in memory on the agent over an interface 16 (illustrated as 16,16' and 16m). As will be described in detail below, the database 17 stores licensing information for various software applications which are purchased and authorized to run in the computer network environment. The license server is not limited to run on a specific agent, but can operate on any agent including the agent on which the user is to operate the application. Thus, any agent connected to the network may function as a license server as well as a device on which a user may operate application software. As will be described below, the license server does not perform verification of licenses of application software; rather the license server is passive and provides storing, locking, logging, and crash recovering function for the application software.
Figure 2 illustrates the architecture of a network licensing scheme of the present invention. The architecture comprises a database 18, database interface 19, license server 20, licensing library 24, License access module 27, license administration tool 21, license service binder 29, and license production tool 34.
The database 18 stores licensing information and application usage data. Preferably the database 18 comprises a plurality of records which contain the following information:
Database Flenlent Description Unique Key Table Keys for all other tables Vendor Table Vendor's ID and name Product Table Product number and name S Version Table Version number and date License Table License #,.exp date, total units License Token Table Stores encoded license token Unit Group Table A group's allocation of license Group List Table Name of the group Allowed Users Table Credentials of allowed users Current License Use Table Applications using a license Lock Table Locked records in database Authorized administrator Table Login names of administrators License Operation Log Table Administrator's log inSormation License Usage Log Table Request handle plus Client Log License Queue Log Table License wait queue Application Message Log Table Application specific messages A database interface 19 provides communication between the license server 20 and the database 18 in order to prevent concurrent access to the 20 same database record by multiple users which can cause the data in the record to become corrupted. Thus, only the owner of the lock can read from and write to the locked record during the usage of the application.
The license ser~er 20 operates on an agent and interfaces the database 18 to license administration tool 21, licensing library 24 and license service 25 binder 29. The license server 20 communicates with the license administration tool 21, licensing library 24 and license service binder 29 via an interface 23. Preferably the interface 23 is a remote procedure call L~'H - 11 - 82225.P109 4 3~
mechanism which permits a p~ocess operating on one device or agent A~, connected to the network to request a resource or service from a remote device or agent connected to the network See A. Birrell and B. Nelson, ~Implementing Remote Procedure Calls,~ ACM Transaction on Computer Systems, February 1984, Vol. 2, No. 1.
Multiple license servers may reside on multiple agents. Preferably the license server 20 operates in a background mode o~ the agent such that its operation is transparent to a user of that agent. More particularly, as will be described below, the license server 20 provides the following functions: 1) servicing the requests from the licensing library 24 for license token; (2) maintaining a wait queue ~or requests to the database 18 when no licensing units are available; (3) generating locks for exclusive access to database 18; and (4) providing access to infor-mation in the database 18.
The licensing library 24 is a set of library routines which enable the application 26 to request licensing service ~rom the license server 20. Upo receiving the request for service from the licensing library 24, the license server 20 retrieves a license token from the database 18 and transmits it to thelicensing library 24. The licensing library 24 is linked with the application 26and communicates with the license server 20 over a path 28 with, preferably, a remote procedure call mechanism 23. Among the major library calls in the licensing library 24 is the application's re~uest for a license from the licenseserver 20. Other important library calls include the request to renew and to release a license. The use o~ the license token to accomplish the reques~ for the various licensing service will be described in detail below.
The license access module (LAM) 27 is prepared by the software vendor 24 to decode the license token. Once decoded, the application 26 via routines in the licensing library verifies the licensing information in the license token and determines whether a license may be checked out. The LAM 27 LYH - 12 - 82225.P109 2~ 4 3 4 also encodes the license token be~ore the application returns it to the database18 via license server 20. The license access module 27 is described in further detail below.
The license administration tool 21 is utilized by the network administrator to perform administrative functions relevant to the concurrent usage of a software application. The license administration tool 21 may run on any agent connected to the computer network. The license administration tool 21 is primarily used to install the license token into the database 18 through the license server 20. The functionality of the license administration tool 21 includes: (13 starting orterminating a license server, (2) accessing a database controlled by a license server; and (3) generating and printing reports on license usage.
The application 26 may not access the database 18 directly; rather, the request for a license is made through the licensing library 24 to the license seNer 20 over a path 28. Most network licensing schemes employ secured communication between the licensing library 24 and the license server 20. In contrast, the present invention uses the license access module (LAM) 27 the license library 24 and a plurality of license tokens to protect against the unauthorized use of software application in a computer network.
Referring once again to Flgure 2, a license seNice binder 29 is shown coupled to the license seNer 20 over a path 30. The license service binder 29 is invoked by means known in the art, such as a network service program.
The license seNice binder 29 locates all agents that are designated as seNers on the network, and keeps track of which server is servicing which a,~plication.The license service binder 29 contacts each server on its table of available seNers and requests a list of products it serves. Finally the license seNice binder 29 writes the contents of the table of available license servers and the -list of products into a binding file 32 over a path 31. In Flgure 2, the bindingfile 32 is coupled to the licensing library 24 over a path 33. The application 26 _ .... . . .......................................... ~ .
";':: . . ,~, - - - ` ' . . .
queries the binding file 32 to see which license server can service its request for a license.
A license production tool 34 is used by the software vendor to create a 5 license token for transmittal to the network administrator. Receiving the license token, the network administrator installs it with the license administration tool 21 into the database 18 through license server 20.
Il. ~icense Token Referring to Figure 3, the creation of a license token in a computer network employing the preferred embodiment of the present invention will be described. A computer network 38 is shown coupled with a license administration tool 39 and a single license server 44. The license server 44 communicates with a database 45. Applications 41, 42, and 43 are shown 15 requesting licensing service from the license server 44. When a customer purchases a license for an application, such as a CAD/CAM program for its research and development department, the software vendor creates a license token with a license production tool, and delivers the license token to the customefs network administrator. A license token is a special bit pattern or 20 packet representing a license to use a software application. The network administrator installs the license token 46 into the database of the license server using the license administration tool 39. Unlike ;he token used in a token ring which is passed from agent to agent, a license token in the preferredembodiment of the present invention is passed only between a license server 25 and a licensing library for a predetermined amount of time. The predeterminedamount of time corresponds to the time the license token is checked out of the license server. Currently, the license token is checked out to an application for no more than ten seconds, and the license token is returned as quickly as possible to the issuing license server. The license token 46 contains 30 information encrypted in the vendor's format such as ,vendor identification, product and version numbers as well as the number of license units purchased LYH - 14 82225.P109 s,"
- -.``' ~ o ... ~. ..... .
for the license token. A license unit corresponds to the license weighting for an agent connected to the computer network. For example, powerful workstations could require more license units to use a software application than an average personal computer.
The software vendor produces a license token using a license production tool 40. A path 47 illustrates how a license token 46' makes its way to a license administration tool 39 at the customer's site. There, the system administrator installs the license token 46' as license token 46 into thelicense database 45 of the license server 44. A path 48 indicates the transfer of the license token 46' from the license administration tool 39 to the license server 44 and into the database 45 as license loken 46. The license server 44 is now ready to entertain requests from applications 41,42, and 43 for a license to use the application corresponding to token 46 as well as other applications represented in its database 45.
It should be understood that each network may have a plurality ot license servers and each license server may have in its database a plurality of license tokens for a variety of software applications. Referring again to Flgure3, if application A 41 requests and checks out the license token 46 for less than ten seconds, applications B and C 42,43 would be unable to check out the license token 46 if their equests were made during the same time application 41 is checking out a license from the license token 46 because of the locking mechanism provided by database intertace 19. Thus, to achieve concurrent license usage in network 38, it is preferred that the networ'~
administrator installs more than one license server. To minimize the task of recovering from license server crashes, it is also preferred that the system administrator spreads the license units for any one application among a plurality ot strategically located license servers. For instance, if a network has four license servers, the network administrator may want to allocate the twenty license units for a particular popular application among four license tokens with . ~.
five license units for each license token. In the event one license server crashes or the license token is checked out, the other three license servers may provide licensing service to other applications.
Figure 4a illustrates the use of a license token to request for a license.
As shown, a network 50 is provided, and is coupled to Applications 52, 54 and 56 respectively. Application 56 succeeded in requesting a license token from the license server 58 in step 59 The license token is transmined to application ~6 in step 60. When done, Application 56 returns the license token to the license server 58 in step 61. Aside from the license request function performed with the license token as shown in Figure 4a, the license token is also used in other critical stages of the licensing process. For example, an user may wish to run an application beyond the initial allocated time. -As shown in Figure 4b, Application 68 makes a license renewal request 71 from the license server 70 with license token 72. Similarly, in Figure 4c the user makes a license release request 83 when the application no longer needs the license units. As such, the user updates the license token 84 by returning the updated license token to the license server 82 in step 85.
Ill. License Access Module In Figure 2, a license access module (LAM3 27 is linked with the application 26 and the licensing library 24 to form the executable code that software vendors ship to the customers. The license access module 27 decodes and encodes the encrypted license token as it is being passed between the license server and the licensing library 24. Thus the level of security of an application from unauthorized use depends heavily upon how secure the license access module is.
Conventional network licensing schemes use publiclprivate key encryption to encode sensitive information. Such a scheme is ef~ective if the ---license server is in a trusted environment. However, the customer has the LY~ - 16-82225.P109 .. _ .
: .~,,. -. ~
: '' `'" ~: ,~
2 0 254 3fi same access to any agent in a network, including the license server. The security of the licensing scheme can be compromised by a user who decrypts the license server's private key. Once the unauthorized user determines the serve~s private key, he can decrypt all sensitive information on the license 5 server. Should all license servers use the same key, as is frequently done, then all the security of the applications served by all the license servers will be compromised.
The license access module 27 first translates a license token Srom a 10 vendor specific format to a format usable by the licensing library 24. The license access module accomplishes the translation in two modules. One module translates or decodes a license token from a vendor specific format to a licensing library format. The second module translates or encodes the updated license token from the licensing library format to the vendor specific format.
15 The second module is invoked anytime the licensing library updates the information in a license token.
Upon receiving the license token in the licensing library format, the licensing library invokes routines which verify the correctness of the license by 20 reviewing the following license information stored in the token: (l ) flag, (2) maintenance contract date, (3) host name and domain, (4) product name, (5) host id numbe-, (6) license serial number, and (7) expiration date of license.
This is compared to the information maintained by the application. If the information matches, the license is verified. After completing the verification 25 process, a routine in the licensing library is initiated which checks out thelicense by decrementing the license units in license token by the number of licensing units being checked out.
The decoding and encoding routines allow software vendors to 30 implement their own security mechanism to protect their licenses from unauthorized use even though they reside at the customer's site.
~' ' .
2025'~34 Below is an example of a sample application using the licensing library and the license access module written in C language:
5 #define LIC_RENEWAL TIME (60) /set renewal time for this session/
#define EST_LIC_RENEWAL_TIME (LIC_RENEWAL_TIME x .9) NL vendor_id NL_Vendor_id = 1223; /set vendor #/
NL_prod_num NL_Prod_num =~02" /set product #/
NL_version NL_Version = ( 12/20/88, ~1.0~ ); /set version id #/
. . .
status = NL_init (vendor_id, NULL, &job_id); /initialize license service/
if (status != NL_NO_ERROR) /accept job id if no error/
fprintf (stderr, ~nl_init failed - error =
%d~n~, status ); /error message if error and retu rn/
return;
}
units = 3;
code_funcs.encode~ = nl_encode; /pointer to encode function/
code_funcs.decode~ = nl decode; /pointer to decode function/
if (signal (SIGALRM), alarm_intr ) == (void ~) -1 ) /set alarm if no error/
{
perror (~Cannot set SIGALRM~); /otherwise, error message/
return;
status - NL_request aob_id, NL_Prod_num, /request a license/
&NL Version, units, LIC_RENEWAL_TIME, NL_L2_SRCH, &code_funcs, NULL, &re~handle, NULL, &app_info);
if (status != NL_NO ERROR) /no error, license checked 1 out from license server/
fprintf (stderr, ~nl_request failed - error=
%d\n~, status); /otherwise, error message/
retum;
}
/-We got a license /license request successful/
/
alarm (EST_LIC_RENEWAL_TIME); /set alarm for license renewal time/
Application Runs /runs application/
...
status = NL release (re~handle); /request to release a license/
if ~status l= NL_~O ERROR) fprintf (stderr, ~nl_release failed - error = /otherwise, error LYH - 18 - ~22~5 P'-^~
..... ..
: -- ,"
2025~34 %d\n~, status); messages/
, return;
. . .
~; int alarm_intr () status = NL_confirm (re~handle, /renew licensing unit with LIC_RENEWAL_TIME, NULL); licensing server/
10 r Verify vendor private inlormation If (status!= NL_NO_ERRO~) fprintf (stderr, ~nl_confirm failed - error= /otherwise, error %~n~, status); message/
puts ( license renewed~) /successful license renewal/
The sample application given above is accompanied by self-explanatory annotation to the right margin of the codes. Of particular interest are code_func.encode_p and code_func.decode~. Encode_p and decode_p are pointers to the software vendors encode and decode routines, 25 respectively. Taking the pointers in the code_func variable, the licensing library can use the pointers to invoke the decoding and encoding routines in the license access module. The three major licensing library routines, request for a license (NL_request), release a license (NL_release) and renew a license (NL_confirm) invoke the decoding and encoding routines. For examp e of a 30 license access module, see Appendix 1.
In implementing the license access module, the license server becomes merely a repository for license tokens. The licensing library coupled to the application performs the procedure of authenticating the license token prior to 3~ granting a license and therefore access to nun the application.
Because the level of security of the system is dictated by the license access module, the software vendors are free to make the license access -module as simple or as complex as they desire. In par~icular, they are free to LYH ~9 ~2225 P109 . ."'-"-- ~
}' ` - -- - , ...... ....
adopt any of the encryption schemes as part of their encryption routines. If thesecurity mechanism is broken, and the encryption known to others, then the software vendors can easily remedy the situation by releasing a new version of the product with a new license access module.
While the present invention has been particularly described with reference to Figures 1-4 as well as Appendix 1, and with emphasis on certain language in implementing a method to protect against the unauthorized use of software application in a computer network environment, it should be 10 understood that they are for illustration only and should no~ be taken as limitation upon the invention. In addition, it is clear that the method of the present invention has utility in any application run in a computer network environment. It is contemplated that many changes and modifications may be made, by one skilled in the art, without departing from the spirit and scope of 15 the invention disclosed above.
-~a-: ,~.1 l * Q (#)nl_la.c 1.21 89/09/13 * Copyright (c) 1988 by Sun Microsystems, Inc.
*/
/*
*************************************************************
*
* Module: nl_lam.c *
* Description:
* Contains the license access modules. Uses XDR to keep * the license token in a machine independent form. Uses * the des_crypt (3) routines to encrypt/decrypt the * licensing information.
*
* Functions:
* nl_decode() - Decodes a vendor's license token * nl_encode() - Encodes a vendor's license token * Notes:
*
*************************************************************
*/
#include <rpc/rpc.h>
#include <string.h>
#include <memory.h>
#include "nl_types.h"
#include "nl_prot_limits.h"
#include "nl_request.h"
#include "nl_token.h"
#include "nl_vendor.h"
#include "nl_licensel.h"
#include "nl_errno.h"
/*
*************************************************************
* Module Local Definitions *************************************************************
*/
/*
* Warning: This could be a potential security threat, leaving * a unencoded token lying around in memory.
Static NL_license _nl_lic_tok;
/*
*************************************************************
* Function Declarations *************************************************************
*/
void nl_lam();
static int _nl_decode();
static int _nl_encode();
/*
*************************************************************
*
APPENDIX 1 - Page 1 of 8 2~43~
~ * Function: nl_lam *
* Description:
* This function returns the address of the encode and * decode routines.
*
* Input:
* conv_2_ascii_p - storage that indicates whether to * conv to ascii * code_func_p - storage contains address of * encode/decode routines * Output:
* conv_2_ascii_p - returns an indication whether the token * should be converted to ascii so that it * may be printable.
* code_func_p - Contains address of encode/decode * routines *
* Returns:
* Nothing *
* Notes:
* 1) The reason that the conv_2_ascii_p value is returned * is to inform the License Production Tool if it needs * to do an ascii encoding on the license token. The * license token must be in some type of ascii form to * allow it to be transmitted over voice phone or to be * Fax'ed to an end user.
*
*************************************************************
*/
void nl_lam(conv_2_ascii_p, code_func_p) bool_t *conv_2_ascii_p;
NL_code_funcs *code_func_p;
{
if (conv_2_ascii_p != NULL) {
*conv_2_ascii_p= TRUE;
}
code_func_p->decode_p = _nl_decode;
code_func_p->encode_p = _nl_encode;
} /* nl_lam */
/*
*************************************************************
*
* Function: nl_decode * Description:
* Translates a license token from vendor specific format to * a client library specific format.
*
APPENDIX 1 - Page 2 of 8 , .
, ~ 2~5~34 * Input:
* en_tok_p - Pointer to the encoded token * en_length - Length of the encoded token in * bytes *
* Output:
* tok_p - Pointer to the token structure to * fill in * clnt_entry_p - Pointer to the address of the first * client usage entry *
* Returns:
* NL_NO_ERROR - Decoding succeeded * NL_E_DECODE_FAIL
*
* Side Effects:
* 1) Allocates memory for the client usage entries.
*
* Notes:
* 1) If tok_p->vend priv_p or tok_p->vend_priv_p-* >data_p is NULL then the call doesn't want it.
*
*************************************************************
*/
static int _nl_decode(en_tok_p, en_length, tok_p, clnt_entry_p) char *en_tok_p;
int en_Iength;
NL_token *tok_p;
NL_clnt_entry **clnt_entry_p;
{
NL_usage_entry usage_entry;
NL_clnt_entry *tmp_clnt_entry_p;
XDR xdrs;
int i;
int status;
int vend_size;
I*
* Make sure the size for the encoded token is * divisible by xdr bytes per unit.
if (en_length !- RNDUP(en_length)) return (NL_E_DECODE_FAIL);
}
/*
* Init an XDR stream */
xdrmem_create(&xdrs,en_tok_p, (u_int)en_length, XDR_DECODE);
APPENDIX 1 - Page 3 of 8 ~ (~ 2025434 status = NL_ NO_ERROR;
if (xdr_NL_license(&xdrs, &_nl_lic tok) == FALSE) xdr_destroy(&xdrs);
return (NL_E_DECODE_FAIL);
}
if (_nl_lic tok.magic == MY_VENDOR MAGIC) tok p->vendor_id = nl_lic_tok.vendor_id;
(vold) strncpy(tok_p->prod_num,nl_lic tok.prod_num, NL PROD_NUM_SIZE);
tok p->vers_secs - _nl_lic_tok.vers_secs;
memcpy(tok p->serial_num,nl_lic_tok.serial_num, NL_SERIAL_NUM_SIZE);
tok_p->expire_secs - _nl_lic_tok.expire_secs;
tok_p->maint_secs = _nl_lic_tok.maint_secs;
tok_p->total_units - _nl_lic_tok.total_units;
tok p->avail units = nl_lic_tok.avail_units;
(vold) Strncpy(tok_p->host, nl_lic_tok.host, NL_HOST_NAME_SIZE):
(void) strncpy(tok_p->domain, _nl_lic_tok.domain, NL_DOMAIN NAME_SIZE);
tok_p->hostid - nl_lic_tok.hostid;
tok_p->flag = _nl_lic_tok.flag;
tok_p->num clnts - _nl_lic_tok.num clnts;
/*
* Give the use a copy of the vendor private data if * they want it.
*/
vend_size = MIN(_nl_lic tok.vend_priv_size, NL VEND_PRIV_SIZE);
if (vend slze > 0 && tok_p->vend_priv_p != NULL &&
tok_p->vend_priv_p->data_p != NULL) {
tok_p->vend_priv_p->length = vend_size;
(void) memcpy (tok_p->vend_priv_p->data_p, nl_lic_tok.vend_priv, MIN(vend_size, tok_p->vend_priv_p->length));
tmp_clnt_entry_p = (NL_clnt_entry *) malloc((tok_p->num clnts+1)* size of (NL clnt entry));
*clnt_entry_p~- tmp_clnt_entry_p;
for (i=0; i < tok_p->num_clnts; i++, tmp clnt_entry_p++) APPENDIX 1 - Page 4 of 8 ,., .
" ' 2025434 xdr_NL_usage_entry(&xdrs, &usage_entry);
tmp_clnt_entry_p->req_handle =
usage_entry.req._handle;
tmp_clnt_entry p->units = usage_entry.units;
tmp_clnt_entry_p->renew_secs =
usage_entry.renew secs;
tmp_clnt_entry_p->clnt_secs =
usage_entry.clnt_secs;
tmp_clnt_entry_p->pid = usage_entry.pid;
}
}
else {
status = NL_E_DECODE_FAIL;
}
xdr_destroy(&xdrs);
return (status);
} /* nl_decode */
/*
*************************************************************
*
* Function: nl_encode *
* description:
* Translates a license token from a client library specific * format to a vendor specific format. Verifies that the * encrypted token does not exceed the NL_MAX_EN_TOKEN_SIZE.
*
* Input:
* tok_p - Pointer to the token structure to read * data from * clnt_entry_p - Pointer to the address of the first * client usage entry * Output:
* en_tok_p - Pointer to the encoded token * en_length - Length of the encoded token in bytes *
* Returns:
* NL_NO_ERROR - Encoding succeeded * NL E ENCODE FAIL
*
* Side Effects:
* 1) Frees memory for the client usage entries.
*
* Notes:
*
* 1) If tok_p->vend_priv_p is NULL then the call doesn't * want it.
*
*************************************************************
APPENDIX 1 - Page 5 of 8 -~, ~L(,o ~
` _ ' 2025434 */
static int nl_encode(tok_p, clnt_entry_p, en_tok_p, en_length_p) NL_token *tok_p;
NL_clnt_entry *clnt_entry_p;
char *en_tok_p;
int *en_length_p;
{
XDR xdrs;
NL_usage_entry usage_entry;
NL_clnt_entry *tmp_clnt_entry_p;
int i;
int tok_lenl;
int tok_len2;
int status;
status = NL_NO_ERROR;
/*
* Init an XDR stream */
xdrmem_create(&xdrs, en_tok_p, (u_int)NL_MAX_EN_TOKEN_SIZE, XDR_ENCODE);
/*
* If for some reason the license token that we Wl 11 * encode is not the same as the previous one decoded (in * our module local global) then we copy the information * in.
*/
if (memcmp(_nl_lic_tok.serial_num, tok_p->serlal_num, NL_SERIAL_NUM_SIZE) != 0) {
nl_lic_tok.magic = MY_VENDOR_MAGIC;
nl lic_tok.vendor_id - tok_p->vendor_id;
(vo~ld) strncpy(_nl_lic_tok.prod_num, tok_p->prod_num,NL_PROD_NUM_SIZE);nl_lic_tok.vers_secs = tok_p->vers_secs;
(void) memcpy(_nl_lic_tok.serial_num,tok_p->serial_num,NL_SERIAL_NUM_SIZE);nl_lic_tok.expire_secs = tok_p->expire_secs;
nl lic_tok.maint_secs = tok_p->maint_secs;
(vo~ld) strncpy(_nl_lic_tok.host, tok_p->host,NL_HOST_NAME_SIZE);
(void) strncpy(_nl_lic_tok.domain, tok_p->domain, NL_DOMAIN_NAME_SIZE);
nl_lic_tok.hostid - tok_p->hostid;
nl_lic_tok.flag = tok_p->flag;
f (tok_p->vend_priv_p != NULL &&
tok_p->vend priv_p->data_p != NULL) nl_lic_tok.vend_priv_size =
MIN(tok_p->vend_priv_p->length, NL_VEND_PRIV_SIZE);
(void) memcpy(_nl_lic_tok.vend_priv, tok_p->vend_priv_p->data_p, APPENDIX 1 - Page 6 of 8 ,,, ~.
nl lic_tok.vend_priv size);
}
else {
nl_lic_tok.vend_priv_size = O;
_nl_lic_tok.vend_priv[0] = NUL;
}
nl_lic_tok.total_units = tok_p->total_units;
nl_lic-tok.avail_units = tok_p->avail_units;
_nl lic tok.num clnts = tok p->num clnts;
if (xdr_NL_license(&xdrs, &_nl_lic_tok) == FALSE) {
xdr destroy(&xdrs);
return (NL_E_ENCODE_FAIL);
}
if (clnt_entry_p != NULL) tmp_clnt_entry p = (NL_clnt_entry *) malloc((_nl_lic_tok.num_clnts+l) *
size of(NL_clnt_entry)), tmp_clnt_entry_p = clnt_entry_p;
tok_lenl - (int)xdr_getpos(&xdrs);
for (i=0; i < tok_p->num_clnts; i++, tmp_clnt_entry_p++) {
usage_entry.req_handle = tmp_clnt_entry_p->req_handle;
usage_entry.units = tmp_clnt_entry_p->units;
usage_entry.renew_secs - tmp_clnt_entry_p->renew_secs;usage_entry.clnt_secs = tmp_clnt_entry_p->clnt_secs;usage_entry.pid = tmp_clnt_entry_p->pid;
xdr_NL_usage_entry(&xdrs, &usage_entry);
/*
* Quick check here for the first pass of this * loop. We find out how many bytes it took to * encode 1 users entry. We then estimate the * total number of bytes required and make sure * that we will not exceed * NL_MAX_EN_TOKEN_SIZE.
*/
if (i == O) {
tok_len2 = (int)xdr_getpos(&xdrs) -tok_lenl;
tok_len2 *= tok_p->num_clnts;
if ((tok_lenl+tok_len2) >
NL_MAX_EN_TOKEN_SIZE) APENDIX 1 - Page 7 of 8 , . .
`, ~g 2025434 _ ~ {
i = tok_p->num_clnts;
status = NL_E_ENCODE_FAIL;
} }
free ((char *)clnt_entry_p);
*en_length_p = (int)xdr_getpos(&xdrs);
xdr_destroy(&xdrs);
return (status);
} /* nl_encode */
APPENDIX 1 - Page 8 of 8 . . . Y
.~
1. FIELD OF THE INVENTION
The present invention relates to a method for protecting against 5 tho unauthorized use of a software application in a computer network environment.
2. ART ~ACKGROUND
A computer network is typically an interconnection of machines or 10 agents over links or cables. The open access characteristics of a computer network presents opportunities for the unauthorized copying of software, thus eroding the licensing revenue potential of software developers. Traditionally, either the entire network must be licensed (commonly referred to as a site license), or each node where the software is run must be licensed (commonly 15 referred to as a node license). A node refers to a single machine, agent or system in a computer network. A license is an authorization given by a software developer to a customer to use a software application in a specific manner.
A site license lets all users at a designated location or network use the software application, regardless of their position on the network. This Slat-fee approach is an overkill for a low usage software application. A node licsnse not only ties a software application to a particular machine in a net~vork, but also is not cost effective for the infrequent use of a software ~rp"~ on. See, for example, U.S. Patent No. 4,688,169. Furthermore, if new users of licensed nodes wish to use the software ~PF' cation, they are often - required to purchase additional licenses.
An alternative to a si1e license or a node license is the concept of a concurrent usage license. A concurrent usage license restricts the number of users allowed to use a software application at any given time, regardless of their location on the network. Just as renters check out available copies of a ~,~
...... ~
movie video from a video rental store, users on a network check out a software application from an agent on a first-come-first-serve basis. Thus, a concurrent usage license charges a fee for the use of a software application proportional to its actual use.
Methods to license a software application for concurrent use in a network environment are currently offered by Highland Software, Inc. and Apollo Computer, inc. See, M. Olson and P. Levine, ~Concurrent Access Licensingn, Unix Review, September 1988, Vol. 6, No. 9. In general, the 10 license for a software application is stored in a database controlled by a license server. A license server is a program that not only stores the license, but also verifies the user's credentials before checking out the license to the authenticated user. To protect against the authorized use, these methods to license concurrent usage rely on secured communications such as 15 public/private key encryption. Under public/private key encryption, each userof the system has two keys, one of which is generally known to the public, and the other which is private. The private transformation using the private key is related to the public one using the public key but the private key cannot be computationally determined from the public key. See Denning, D., 20 Cryptography and Data Security, Addison-Wesley, 1982. The encryption key is hidden in the license server to encrypt the database of licenses. Well designed public/private key encryption schemes are difficult to crack, especially if the license server is located in a trusted environment. A trusted environment is one whose access is limited to users having the proper 25 credentials. However, a license server is more likely to be located at a customer's site and hence in an hostile environment. It follows that the licenseserver is vulnerable to sophisticated intruders. Once the private key is decrypted, all sensitive information on the license server such as licenses are compromised.
-It is therefore an object of the present invention to provide a more secure method to protect against the unauthorized use of software in a concurrent use licensing environment.
-- 3~
202~434 SUMMARY OF THE INVENTION
The present invention provides to the software application the v~rification and license check out functions which are normally performed by a 5 license server. The preferred embodiment of the present invention comprises a computer network including a plurality of agents running at least one license server and at least one software application. The license server controls a database of an agent containing the license information for the software application. The license information is contained in a license token, and is 10 stored in the database controlled by the license server. The license token is a special bit pattem or packet which is encrypted by the software vendor of the application software. The software application communicates with the license server through a licensing library. The licensing library is a collection of library routines that the software application invokes to request or renew a license 15 from the license server. Before a software application obtains a license, the acense token must be decoded by a license access module. The license access module, which is linked with the software application and the licensing libraly is a program that decodes the license token from a vendor specific format to a licensing library format.
When an user wishes to run a software application, the licensing library invokes a call to request a license token from the license server. In contrast to the prior art where the license seNer either grants or denies the request after verifying the user's credentials, the license seNer in the preferred embodiment 25 of the present invention finds the correct license token for the software app'ic-t on and transmits the license token to the licensing library. The license access module attached to the licensing libra~y decodes the licensing token. ~- -Routines in the licensing library coupled to the software application verify theGcense information before checking out the license and updating the license 30 token. The license access module encodes the updated license token before returning it to the license server.
....~, - ~
~ -:
-~o25434 Because the verification and check out function of a license token are performed by a software application, the software application rather than the license serve! becomes the point of attack by unauthorized users. Reverse engineering the license access module is less rewarding than attacking the 5 license server because the license access module reveals the contents of a fraction of a database of licenses. By the time most attackers crack the licenseaccess module, the software vendors would most likely introduce newer versions of the software application and new license access modules for them.
Thus the present invention provides a more secure method for protecting 10 against the unauthorized use of a software application in a computer network environment without modifying the underlying computer network.
BRIFF DESCRIPTION OF THF DRAWINGS
Figure 1 illustrates a network environment employing the present invention.
Figure 2 describes the architecture of a network licensing scheme employing the preferred embodiment of the present invention.
Figure 3 describes the installation of a license token in the preferred 10 embodiment of the present invention.
Figure 4a illustrates the use of a license token to request a license from a license server in the preferred embodiment of the present invention.
Figure 4b illustrates the use of a license token to renew a license from a license server in the preferred embodiment of the present invention.
Figure 4c illustrates the use of a license token to release a license from a license server in the preferred embodiment of the present invention.
NOTATION AND NOMENCLATURF
The detailed description that tollows is presented largely in terms ot algorithms and symbolic representations o~ operations on data bits and data 5 structures within a computer memory. These algorithmic descriptions and representations are the means used by thcse skilled in the data processing arts to most effeclively convey the substance of their work to others skilled in the art.
An algorithm is here, and generally, conceived to be a self-consistent sequence of steps leading to a desired result. These steps are those requiring physical manipulation of physical quantities. Usually, though not necessarily, these quantities take the form ot electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It proves 15 convenient at times, principally for reasons of common usage, to refer to these signals as bit patterns, values, elements, symbols, characters, data packages, or the like. It should be borne in mind, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities.
Further, the manipulations performed are often referred to in terms, such as adding or comparing, that are commonly associated with mental operations performed by a human operator. No such capability of a human operator is , .
necessary, or desirable in most cases, in any of the operations described 25 herein that ~orm part of the present invention; the operations are machine operations. Useful machines for performing the operations of the present invention include general purpose digital computers or other similar devices. Inall cases there should be borne in mind the distinction between the method of operations in operating a computer and the method of computation itselt. The 30 present invention relates to method steps for operating a computer in processing electrical or other (e.g. mechanical, chemical) physical signals to generate other desired physical signals.
LYH - 7 - ~2225 P109 .,,,., ~, ~,r.,~
: - ' s .. ~.
-The present invention also relates to an apparatus Sor performing these operations. This apparatus may be specially constructed for the required purposes, or it may comprise a general purpose computer as selectively 5 activated or reconfigured by a computer program stored in the computer. The algorithms presented herein are not inherently related to any particular computer or other apparatus. In particular, various general purpose machines may be used with programs written in accordance with the teachings herein, or it may prove more convenient to construct a more specialized apparatus to 10 perform the required method steps. The required structure for a variety of these machines wiil appear from the description given below.
DETAILED DESCRIPTION OF THF INVENTION
The following detailed description is divided into several sections. The first of these sections describes a general network environment for accessing a 5 database of licensed software programs. Subsequent sections discuss the details of a method for protecting against the unauthorized use ot a software application.
I. General Network Environment Referring to Figure 1, computer network environment comprises a plurality of data processing devices identified generally by numerals 10 through 10~ (illustrated as 10,10' and 10n). These data processing devices may include terminals, personal computers, workstations, minicomputer, 15 mainframes and even supercomputers. For the purposes of this Specification, all data processing devices which are coupled to the present invention's network are collectively referred to as ~agents~. It should be understood that the agents may be manufactured by different vendors and may also use different operating systems such as MS-DOS, UNIX, OS/2, MAC OS and 20 others. Particular examples of suitable agents include machines manu1actured by Sun Microsystems, Inc., Mountain View, Calif. Each of the agents has an input device such as a keyboard 11, 11' and 11~ or a mouse 12, 12' and 12n. As shown, agents 10 through 10~ (illustrated as 10,10' and 10n~ are interconnected for data transfer to one another by a common cable 13. It will be25 appreciated by one skilled in the art that the common cable 13 may comprise any shared media, such as coaxial cable, fiber optics, radio channel and the like. Furthermore, the network resulting from the interconnection of the cable 13 and agents 10 through 10n (illustrated as 10,10' and 10n) may assume a variety of topologies, such as ring, star, bus, and may also include a collection 30 of smal1er networks linked by gateways or bridges.
LYH - 9 - ~2225.P109 .': ,' ,~ .
-- 2~25434 Referring again to Figure 1 is a license service 14. The license service 14 is a resource shared by every agent connected to the network. In the preferred embodiment of the present invention, the license service 14 comprises license servers 15 through 15m (illustrated as 15,15' and 15m) and databases 17 through 17m (illustrated as 17,17' and 17m)~ where m is less than or equal to n. A license server is a program that runs on an agent with a memory storage capability. Each license server 15 (illustrated as 15,15' and 15m) communicates with a database 17 stored in memory on the agent over an interface 16 (illustrated as 16,16' and 16m). As will be described in detail below, the database 17 stores licensing information for various software applications which are purchased and authorized to run in the computer network environment. The license server is not limited to run on a specific agent, but can operate on any agent including the agent on which the user is to operate the application. Thus, any agent connected to the network may function as a license server as well as a device on which a user may operate application software. As will be described below, the license server does not perform verification of licenses of application software; rather the license server is passive and provides storing, locking, logging, and crash recovering function for the application software.
Figure 2 illustrates the architecture of a network licensing scheme of the present invention. The architecture comprises a database 18, database interface 19, license server 20, licensing library 24, License access module 27, license administration tool 21, license service binder 29, and license production tool 34.
The database 18 stores licensing information and application usage data. Preferably the database 18 comprises a plurality of records which contain the following information:
Database Flenlent Description Unique Key Table Keys for all other tables Vendor Table Vendor's ID and name Product Table Product number and name S Version Table Version number and date License Table License #,.exp date, total units License Token Table Stores encoded license token Unit Group Table A group's allocation of license Group List Table Name of the group Allowed Users Table Credentials of allowed users Current License Use Table Applications using a license Lock Table Locked records in database Authorized administrator Table Login names of administrators License Operation Log Table Administrator's log inSormation License Usage Log Table Request handle plus Client Log License Queue Log Table License wait queue Application Message Log Table Application specific messages A database interface 19 provides communication between the license server 20 and the database 18 in order to prevent concurrent access to the 20 same database record by multiple users which can cause the data in the record to become corrupted. Thus, only the owner of the lock can read from and write to the locked record during the usage of the application.
The license ser~er 20 operates on an agent and interfaces the database 18 to license administration tool 21, licensing library 24 and license service 25 binder 29. The license server 20 communicates with the license administration tool 21, licensing library 24 and license service binder 29 via an interface 23. Preferably the interface 23 is a remote procedure call L~'H - 11 - 82225.P109 4 3~
mechanism which permits a p~ocess operating on one device or agent A~, connected to the network to request a resource or service from a remote device or agent connected to the network See A. Birrell and B. Nelson, ~Implementing Remote Procedure Calls,~ ACM Transaction on Computer Systems, February 1984, Vol. 2, No. 1.
Multiple license servers may reside on multiple agents. Preferably the license server 20 operates in a background mode o~ the agent such that its operation is transparent to a user of that agent. More particularly, as will be described below, the license server 20 provides the following functions: 1) servicing the requests from the licensing library 24 for license token; (2) maintaining a wait queue ~or requests to the database 18 when no licensing units are available; (3) generating locks for exclusive access to database 18; and (4) providing access to infor-mation in the database 18.
The licensing library 24 is a set of library routines which enable the application 26 to request licensing service ~rom the license server 20. Upo receiving the request for service from the licensing library 24, the license server 20 retrieves a license token from the database 18 and transmits it to thelicensing library 24. The licensing library 24 is linked with the application 26and communicates with the license server 20 over a path 28 with, preferably, a remote procedure call mechanism 23. Among the major library calls in the licensing library 24 is the application's re~uest for a license from the licenseserver 20. Other important library calls include the request to renew and to release a license. The use o~ the license token to accomplish the reques~ for the various licensing service will be described in detail below.
The license access module (LAM) 27 is prepared by the software vendor 24 to decode the license token. Once decoded, the application 26 via routines in the licensing library verifies the licensing information in the license token and determines whether a license may be checked out. The LAM 27 LYH - 12 - 82225.P109 2~ 4 3 4 also encodes the license token be~ore the application returns it to the database18 via license server 20. The license access module 27 is described in further detail below.
The license administration tool 21 is utilized by the network administrator to perform administrative functions relevant to the concurrent usage of a software application. The license administration tool 21 may run on any agent connected to the computer network. The license administration tool 21 is primarily used to install the license token into the database 18 through the license server 20. The functionality of the license administration tool 21 includes: (13 starting orterminating a license server, (2) accessing a database controlled by a license server; and (3) generating and printing reports on license usage.
The application 26 may not access the database 18 directly; rather, the request for a license is made through the licensing library 24 to the license seNer 20 over a path 28. Most network licensing schemes employ secured communication between the licensing library 24 and the license server 20. In contrast, the present invention uses the license access module (LAM) 27 the license library 24 and a plurality of license tokens to protect against the unauthorized use of software application in a computer network.
Referring once again to Flgure 2, a license seNice binder 29 is shown coupled to the license seNer 20 over a path 30. The license service binder 29 is invoked by means known in the art, such as a network service program.
The license seNice binder 29 locates all agents that are designated as seNers on the network, and keeps track of which server is servicing which a,~plication.The license service binder 29 contacts each server on its table of available seNers and requests a list of products it serves. Finally the license seNice binder 29 writes the contents of the table of available license servers and the -list of products into a binding file 32 over a path 31. In Flgure 2, the bindingfile 32 is coupled to the licensing library 24 over a path 33. The application 26 _ .... . . .......................................... ~ .
";':: . . ,~, - - - ` ' . . .
queries the binding file 32 to see which license server can service its request for a license.
A license production tool 34 is used by the software vendor to create a 5 license token for transmittal to the network administrator. Receiving the license token, the network administrator installs it with the license administration tool 21 into the database 18 through license server 20.
Il. ~icense Token Referring to Figure 3, the creation of a license token in a computer network employing the preferred embodiment of the present invention will be described. A computer network 38 is shown coupled with a license administration tool 39 and a single license server 44. The license server 44 communicates with a database 45. Applications 41, 42, and 43 are shown 15 requesting licensing service from the license server 44. When a customer purchases a license for an application, such as a CAD/CAM program for its research and development department, the software vendor creates a license token with a license production tool, and delivers the license token to the customefs network administrator. A license token is a special bit pattern or 20 packet representing a license to use a software application. The network administrator installs the license token 46 into the database of the license server using the license administration tool 39. Unlike ;he token used in a token ring which is passed from agent to agent, a license token in the preferredembodiment of the present invention is passed only between a license server 25 and a licensing library for a predetermined amount of time. The predeterminedamount of time corresponds to the time the license token is checked out of the license server. Currently, the license token is checked out to an application for no more than ten seconds, and the license token is returned as quickly as possible to the issuing license server. The license token 46 contains 30 information encrypted in the vendor's format such as ,vendor identification, product and version numbers as well as the number of license units purchased LYH - 14 82225.P109 s,"
- -.``' ~ o ... ~. ..... .
for the license token. A license unit corresponds to the license weighting for an agent connected to the computer network. For example, powerful workstations could require more license units to use a software application than an average personal computer.
The software vendor produces a license token using a license production tool 40. A path 47 illustrates how a license token 46' makes its way to a license administration tool 39 at the customer's site. There, the system administrator installs the license token 46' as license token 46 into thelicense database 45 of the license server 44. A path 48 indicates the transfer of the license token 46' from the license administration tool 39 to the license server 44 and into the database 45 as license loken 46. The license server 44 is now ready to entertain requests from applications 41,42, and 43 for a license to use the application corresponding to token 46 as well as other applications represented in its database 45.
It should be understood that each network may have a plurality ot license servers and each license server may have in its database a plurality of license tokens for a variety of software applications. Referring again to Flgure3, if application A 41 requests and checks out the license token 46 for less than ten seconds, applications B and C 42,43 would be unable to check out the license token 46 if their equests were made during the same time application 41 is checking out a license from the license token 46 because of the locking mechanism provided by database intertace 19. Thus, to achieve concurrent license usage in network 38, it is preferred that the networ'~
administrator installs more than one license server. To minimize the task of recovering from license server crashes, it is also preferred that the system administrator spreads the license units for any one application among a plurality ot strategically located license servers. For instance, if a network has four license servers, the network administrator may want to allocate the twenty license units for a particular popular application among four license tokens with . ~.
five license units for each license token. In the event one license server crashes or the license token is checked out, the other three license servers may provide licensing service to other applications.
Figure 4a illustrates the use of a license token to request for a license.
As shown, a network 50 is provided, and is coupled to Applications 52, 54 and 56 respectively. Application 56 succeeded in requesting a license token from the license server 58 in step 59 The license token is transmined to application ~6 in step 60. When done, Application 56 returns the license token to the license server 58 in step 61. Aside from the license request function performed with the license token as shown in Figure 4a, the license token is also used in other critical stages of the licensing process. For example, an user may wish to run an application beyond the initial allocated time. -As shown in Figure 4b, Application 68 makes a license renewal request 71 from the license server 70 with license token 72. Similarly, in Figure 4c the user makes a license release request 83 when the application no longer needs the license units. As such, the user updates the license token 84 by returning the updated license token to the license server 82 in step 85.
Ill. License Access Module In Figure 2, a license access module (LAM3 27 is linked with the application 26 and the licensing library 24 to form the executable code that software vendors ship to the customers. The license access module 27 decodes and encodes the encrypted license token as it is being passed between the license server and the licensing library 24. Thus the level of security of an application from unauthorized use depends heavily upon how secure the license access module is.
Conventional network licensing schemes use publiclprivate key encryption to encode sensitive information. Such a scheme is ef~ective if the ---license server is in a trusted environment. However, the customer has the LY~ - 16-82225.P109 .. _ .
: .~,,. -. ~
: '' `'" ~: ,~
2 0 254 3fi same access to any agent in a network, including the license server. The security of the licensing scheme can be compromised by a user who decrypts the license server's private key. Once the unauthorized user determines the serve~s private key, he can decrypt all sensitive information on the license 5 server. Should all license servers use the same key, as is frequently done, then all the security of the applications served by all the license servers will be compromised.
The license access module 27 first translates a license token Srom a 10 vendor specific format to a format usable by the licensing library 24. The license access module accomplishes the translation in two modules. One module translates or decodes a license token from a vendor specific format to a licensing library format. The second module translates or encodes the updated license token from the licensing library format to the vendor specific format.
15 The second module is invoked anytime the licensing library updates the information in a license token.
Upon receiving the license token in the licensing library format, the licensing library invokes routines which verify the correctness of the license by 20 reviewing the following license information stored in the token: (l ) flag, (2) maintenance contract date, (3) host name and domain, (4) product name, (5) host id numbe-, (6) license serial number, and (7) expiration date of license.
This is compared to the information maintained by the application. If the information matches, the license is verified. After completing the verification 25 process, a routine in the licensing library is initiated which checks out thelicense by decrementing the license units in license token by the number of licensing units being checked out.
The decoding and encoding routines allow software vendors to 30 implement their own security mechanism to protect their licenses from unauthorized use even though they reside at the customer's site.
~' ' .
2025'~34 Below is an example of a sample application using the licensing library and the license access module written in C language:
5 #define LIC_RENEWAL TIME (60) /set renewal time for this session/
#define EST_LIC_RENEWAL_TIME (LIC_RENEWAL_TIME x .9) NL vendor_id NL_Vendor_id = 1223; /set vendor #/
NL_prod_num NL_Prod_num =~02" /set product #/
NL_version NL_Version = ( 12/20/88, ~1.0~ ); /set version id #/
. . .
status = NL_init (vendor_id, NULL, &job_id); /initialize license service/
if (status != NL_NO_ERROR) /accept job id if no error/
fprintf (stderr, ~nl_init failed - error =
%d~n~, status ); /error message if error and retu rn/
return;
}
units = 3;
code_funcs.encode~ = nl_encode; /pointer to encode function/
code_funcs.decode~ = nl decode; /pointer to decode function/
if (signal (SIGALRM), alarm_intr ) == (void ~) -1 ) /set alarm if no error/
{
perror (~Cannot set SIGALRM~); /otherwise, error message/
return;
status - NL_request aob_id, NL_Prod_num, /request a license/
&NL Version, units, LIC_RENEWAL_TIME, NL_L2_SRCH, &code_funcs, NULL, &re~handle, NULL, &app_info);
if (status != NL_NO ERROR) /no error, license checked 1 out from license server/
fprintf (stderr, ~nl_request failed - error=
%d\n~, status); /otherwise, error message/
retum;
}
/-We got a license /license request successful/
/
alarm (EST_LIC_RENEWAL_TIME); /set alarm for license renewal time/
Application Runs /runs application/
...
status = NL release (re~handle); /request to release a license/
if ~status l= NL_~O ERROR) fprintf (stderr, ~nl_release failed - error = /otherwise, error LYH - 18 - ~22~5 P'-^~
..... ..
: -- ,"
2025~34 %d\n~, status); messages/
, return;
. . .
~; int alarm_intr () status = NL_confirm (re~handle, /renew licensing unit with LIC_RENEWAL_TIME, NULL); licensing server/
10 r Verify vendor private inlormation If (status!= NL_NO_ERRO~) fprintf (stderr, ~nl_confirm failed - error= /otherwise, error %~n~, status); message/
puts ( license renewed~) /successful license renewal/
The sample application given above is accompanied by self-explanatory annotation to the right margin of the codes. Of particular interest are code_func.encode_p and code_func.decode~. Encode_p and decode_p are pointers to the software vendors encode and decode routines, 25 respectively. Taking the pointers in the code_func variable, the licensing library can use the pointers to invoke the decoding and encoding routines in the license access module. The three major licensing library routines, request for a license (NL_request), release a license (NL_release) and renew a license (NL_confirm) invoke the decoding and encoding routines. For examp e of a 30 license access module, see Appendix 1.
In implementing the license access module, the license server becomes merely a repository for license tokens. The licensing library coupled to the application performs the procedure of authenticating the license token prior to 3~ granting a license and therefore access to nun the application.
Because the level of security of the system is dictated by the license access module, the software vendors are free to make the license access -module as simple or as complex as they desire. In par~icular, they are free to LYH ~9 ~2225 P109 . ."'-"-- ~
}' ` - -- - , ...... ....
adopt any of the encryption schemes as part of their encryption routines. If thesecurity mechanism is broken, and the encryption known to others, then the software vendors can easily remedy the situation by releasing a new version of the product with a new license access module.
While the present invention has been particularly described with reference to Figures 1-4 as well as Appendix 1, and with emphasis on certain language in implementing a method to protect against the unauthorized use of software application in a computer network environment, it should be 10 understood that they are for illustration only and should no~ be taken as limitation upon the invention. In addition, it is clear that the method of the present invention has utility in any application run in a computer network environment. It is contemplated that many changes and modifications may be made, by one skilled in the art, without departing from the spirit and scope of 15 the invention disclosed above.
-~a-: ,~.1 l * Q (#)nl_la.c 1.21 89/09/13 * Copyright (c) 1988 by Sun Microsystems, Inc.
*/
/*
*************************************************************
*
* Module: nl_lam.c *
* Description:
* Contains the license access modules. Uses XDR to keep * the license token in a machine independent form. Uses * the des_crypt (3) routines to encrypt/decrypt the * licensing information.
*
* Functions:
* nl_decode() - Decodes a vendor's license token * nl_encode() - Encodes a vendor's license token * Notes:
*
*************************************************************
*/
#include <rpc/rpc.h>
#include <string.h>
#include <memory.h>
#include "nl_types.h"
#include "nl_prot_limits.h"
#include "nl_request.h"
#include "nl_token.h"
#include "nl_vendor.h"
#include "nl_licensel.h"
#include "nl_errno.h"
/*
*************************************************************
* Module Local Definitions *************************************************************
*/
/*
* Warning: This could be a potential security threat, leaving * a unencoded token lying around in memory.
Static NL_license _nl_lic_tok;
/*
*************************************************************
* Function Declarations *************************************************************
*/
void nl_lam();
static int _nl_decode();
static int _nl_encode();
/*
*************************************************************
*
APPENDIX 1 - Page 1 of 8 2~43~
~ * Function: nl_lam *
* Description:
* This function returns the address of the encode and * decode routines.
*
* Input:
* conv_2_ascii_p - storage that indicates whether to * conv to ascii * code_func_p - storage contains address of * encode/decode routines * Output:
* conv_2_ascii_p - returns an indication whether the token * should be converted to ascii so that it * may be printable.
* code_func_p - Contains address of encode/decode * routines *
* Returns:
* Nothing *
* Notes:
* 1) The reason that the conv_2_ascii_p value is returned * is to inform the License Production Tool if it needs * to do an ascii encoding on the license token. The * license token must be in some type of ascii form to * allow it to be transmitted over voice phone or to be * Fax'ed to an end user.
*
*************************************************************
*/
void nl_lam(conv_2_ascii_p, code_func_p) bool_t *conv_2_ascii_p;
NL_code_funcs *code_func_p;
{
if (conv_2_ascii_p != NULL) {
*conv_2_ascii_p= TRUE;
}
code_func_p->decode_p = _nl_decode;
code_func_p->encode_p = _nl_encode;
} /* nl_lam */
/*
*************************************************************
*
* Function: nl_decode * Description:
* Translates a license token from vendor specific format to * a client library specific format.
*
APPENDIX 1 - Page 2 of 8 , .
, ~ 2~5~34 * Input:
* en_tok_p - Pointer to the encoded token * en_length - Length of the encoded token in * bytes *
* Output:
* tok_p - Pointer to the token structure to * fill in * clnt_entry_p - Pointer to the address of the first * client usage entry *
* Returns:
* NL_NO_ERROR - Decoding succeeded * NL_E_DECODE_FAIL
*
* Side Effects:
* 1) Allocates memory for the client usage entries.
*
* Notes:
* 1) If tok_p->vend priv_p or tok_p->vend_priv_p-* >data_p is NULL then the call doesn't want it.
*
*************************************************************
*/
static int _nl_decode(en_tok_p, en_length, tok_p, clnt_entry_p) char *en_tok_p;
int en_Iength;
NL_token *tok_p;
NL_clnt_entry **clnt_entry_p;
{
NL_usage_entry usage_entry;
NL_clnt_entry *tmp_clnt_entry_p;
XDR xdrs;
int i;
int status;
int vend_size;
I*
* Make sure the size for the encoded token is * divisible by xdr bytes per unit.
if (en_length !- RNDUP(en_length)) return (NL_E_DECODE_FAIL);
}
/*
* Init an XDR stream */
xdrmem_create(&xdrs,en_tok_p, (u_int)en_length, XDR_DECODE);
APPENDIX 1 - Page 3 of 8 ~ (~ 2025434 status = NL_ NO_ERROR;
if (xdr_NL_license(&xdrs, &_nl_lic tok) == FALSE) xdr_destroy(&xdrs);
return (NL_E_DECODE_FAIL);
}
if (_nl_lic tok.magic == MY_VENDOR MAGIC) tok p->vendor_id = nl_lic_tok.vendor_id;
(vold) strncpy(tok_p->prod_num,nl_lic tok.prod_num, NL PROD_NUM_SIZE);
tok p->vers_secs - _nl_lic_tok.vers_secs;
memcpy(tok p->serial_num,nl_lic_tok.serial_num, NL_SERIAL_NUM_SIZE);
tok_p->expire_secs - _nl_lic_tok.expire_secs;
tok_p->maint_secs = _nl_lic_tok.maint_secs;
tok_p->total_units - _nl_lic_tok.total_units;
tok p->avail units = nl_lic_tok.avail_units;
(vold) Strncpy(tok_p->host, nl_lic_tok.host, NL_HOST_NAME_SIZE):
(void) strncpy(tok_p->domain, _nl_lic_tok.domain, NL_DOMAIN NAME_SIZE);
tok_p->hostid - nl_lic_tok.hostid;
tok_p->flag = _nl_lic_tok.flag;
tok_p->num clnts - _nl_lic_tok.num clnts;
/*
* Give the use a copy of the vendor private data if * they want it.
*/
vend_size = MIN(_nl_lic tok.vend_priv_size, NL VEND_PRIV_SIZE);
if (vend slze > 0 && tok_p->vend_priv_p != NULL &&
tok_p->vend_priv_p->data_p != NULL) {
tok_p->vend_priv_p->length = vend_size;
(void) memcpy (tok_p->vend_priv_p->data_p, nl_lic_tok.vend_priv, MIN(vend_size, tok_p->vend_priv_p->length));
tmp_clnt_entry_p = (NL_clnt_entry *) malloc((tok_p->num clnts+1)* size of (NL clnt entry));
*clnt_entry_p~- tmp_clnt_entry_p;
for (i=0; i < tok_p->num_clnts; i++, tmp clnt_entry_p++) APPENDIX 1 - Page 4 of 8 ,., .
" ' 2025434 xdr_NL_usage_entry(&xdrs, &usage_entry);
tmp_clnt_entry_p->req_handle =
usage_entry.req._handle;
tmp_clnt_entry p->units = usage_entry.units;
tmp_clnt_entry_p->renew_secs =
usage_entry.renew secs;
tmp_clnt_entry_p->clnt_secs =
usage_entry.clnt_secs;
tmp_clnt_entry_p->pid = usage_entry.pid;
}
}
else {
status = NL_E_DECODE_FAIL;
}
xdr_destroy(&xdrs);
return (status);
} /* nl_decode */
/*
*************************************************************
*
* Function: nl_encode *
* description:
* Translates a license token from a client library specific * format to a vendor specific format. Verifies that the * encrypted token does not exceed the NL_MAX_EN_TOKEN_SIZE.
*
* Input:
* tok_p - Pointer to the token structure to read * data from * clnt_entry_p - Pointer to the address of the first * client usage entry * Output:
* en_tok_p - Pointer to the encoded token * en_length - Length of the encoded token in bytes *
* Returns:
* NL_NO_ERROR - Encoding succeeded * NL E ENCODE FAIL
*
* Side Effects:
* 1) Frees memory for the client usage entries.
*
* Notes:
*
* 1) If tok_p->vend_priv_p is NULL then the call doesn't * want it.
*
*************************************************************
APPENDIX 1 - Page 5 of 8 -~, ~L(,o ~
` _ ' 2025434 */
static int nl_encode(tok_p, clnt_entry_p, en_tok_p, en_length_p) NL_token *tok_p;
NL_clnt_entry *clnt_entry_p;
char *en_tok_p;
int *en_length_p;
{
XDR xdrs;
NL_usage_entry usage_entry;
NL_clnt_entry *tmp_clnt_entry_p;
int i;
int tok_lenl;
int tok_len2;
int status;
status = NL_NO_ERROR;
/*
* Init an XDR stream */
xdrmem_create(&xdrs, en_tok_p, (u_int)NL_MAX_EN_TOKEN_SIZE, XDR_ENCODE);
/*
* If for some reason the license token that we Wl 11 * encode is not the same as the previous one decoded (in * our module local global) then we copy the information * in.
*/
if (memcmp(_nl_lic_tok.serial_num, tok_p->serlal_num, NL_SERIAL_NUM_SIZE) != 0) {
nl_lic_tok.magic = MY_VENDOR_MAGIC;
nl lic_tok.vendor_id - tok_p->vendor_id;
(vo~ld) strncpy(_nl_lic_tok.prod_num, tok_p->prod_num,NL_PROD_NUM_SIZE);nl_lic_tok.vers_secs = tok_p->vers_secs;
(void) memcpy(_nl_lic_tok.serial_num,tok_p->serial_num,NL_SERIAL_NUM_SIZE);nl_lic_tok.expire_secs = tok_p->expire_secs;
nl lic_tok.maint_secs = tok_p->maint_secs;
(vo~ld) strncpy(_nl_lic_tok.host, tok_p->host,NL_HOST_NAME_SIZE);
(void) strncpy(_nl_lic_tok.domain, tok_p->domain, NL_DOMAIN_NAME_SIZE);
nl_lic_tok.hostid - tok_p->hostid;
nl_lic_tok.flag = tok_p->flag;
f (tok_p->vend_priv_p != NULL &&
tok_p->vend priv_p->data_p != NULL) nl_lic_tok.vend_priv_size =
MIN(tok_p->vend_priv_p->length, NL_VEND_PRIV_SIZE);
(void) memcpy(_nl_lic_tok.vend_priv, tok_p->vend_priv_p->data_p, APPENDIX 1 - Page 6 of 8 ,,, ~.
nl lic_tok.vend_priv size);
}
else {
nl_lic_tok.vend_priv_size = O;
_nl_lic_tok.vend_priv[0] = NUL;
}
nl_lic_tok.total_units = tok_p->total_units;
nl_lic-tok.avail_units = tok_p->avail_units;
_nl lic tok.num clnts = tok p->num clnts;
if (xdr_NL_license(&xdrs, &_nl_lic_tok) == FALSE) {
xdr destroy(&xdrs);
return (NL_E_ENCODE_FAIL);
}
if (clnt_entry_p != NULL) tmp_clnt_entry p = (NL_clnt_entry *) malloc((_nl_lic_tok.num_clnts+l) *
size of(NL_clnt_entry)), tmp_clnt_entry_p = clnt_entry_p;
tok_lenl - (int)xdr_getpos(&xdrs);
for (i=0; i < tok_p->num_clnts; i++, tmp_clnt_entry_p++) {
usage_entry.req_handle = tmp_clnt_entry_p->req_handle;
usage_entry.units = tmp_clnt_entry_p->units;
usage_entry.renew_secs - tmp_clnt_entry_p->renew_secs;usage_entry.clnt_secs = tmp_clnt_entry_p->clnt_secs;usage_entry.pid = tmp_clnt_entry_p->pid;
xdr_NL_usage_entry(&xdrs, &usage_entry);
/*
* Quick check here for the first pass of this * loop. We find out how many bytes it took to * encode 1 users entry. We then estimate the * total number of bytes required and make sure * that we will not exceed * NL_MAX_EN_TOKEN_SIZE.
*/
if (i == O) {
tok_len2 = (int)xdr_getpos(&xdrs) -tok_lenl;
tok_len2 *= tok_p->num_clnts;
if ((tok_lenl+tok_len2) >
NL_MAX_EN_TOKEN_SIZE) APENDIX 1 - Page 7 of 8 , . .
`, ~g 2025434 _ ~ {
i = tok_p->num_clnts;
status = NL_E_ENCODE_FAIL;
} }
free ((char *)clnt_entry_p);
*en_length_p = (int)xdr_getpos(&xdrs);
xdr_destroy(&xdrs);
return (status);
} /* nl_encode */
APPENDIX 1 - Page 8 of 8 . . . Y
.~
Claims (22)
1. In a computer network environment including a plurality of software applications licensed to run on at least one network of agents, said applications located on said agents wherein use of the application on a particular agent is permitted upon the grant of a license, said license being requested by a user from said agent of said applications, a system for protecting against the unauthorized use of said applications comprising:
license token means for storing licensing information of said applications;
license server means connected to said agents for communicating with said applications, said license server means having a database which stores said license token means, said license server means further retrieving said license token means from said database upon a request for a license by said applications, said license server means further transmitting said license token means to said applications;
license access means connected to said agents for decoding and encoding said license token means from said license server means, said license access means being integrated with said applications, said license access means receiving said license token means from said license server means; and licensing library means connected to said agents for verifying said decoded license token means before access to said license is granted, said licensing library means being integrated with said applications.
license token means for storing licensing information of said applications;
license server means connected to said agents for communicating with said applications, said license server means having a database which stores said license token means, said license server means further retrieving said license token means from said database upon a request for a license by said applications, said license server means further transmitting said license token means to said applications;
license access means connected to said agents for decoding and encoding said license token means from said license server means, said license access means being integrated with said applications, said license access means receiving said license token means from said license server means; and licensing library means connected to said agents for verifying said decoded license token means before access to said license is granted, said licensing library means being integrated with said applications.
2. The system as defined in Claim 1, wherein each said license token means containing licensing information for at least one version of each said applications.
3. The system as defined in claim 1, wherein the contents of said license token means is encrypted.
4. The system as defined in claim 1, wherein said license token means is passed between said license server means and said licensing library means for a predetermined time period.
5. The license token means as defined in claim 4 wherein during said predetermined time period, only one said applications may check out one said license token means.
6. The system as defined in Claim 1, wherein said license server means receives said request for a license from said applications, said license server searches in said database for a license token means storing the license requested by said applications before retrieving said license token means.
7. The system as defined in Claim 1, wherein said license access means decodes the contents of said license token means before said licensing library means verifies said license token means.
8. The system as defined in Claim 1, wherein said license access means encodes said license token means after said licensing library verifies said license token means and prior to returning said license token means to said license server means.
9. The system as defined in Claim 1, wherein said licensing library verifies said license token means by comparing the licensing information stored in said license token means with the licensing information maintained by said application.
10. The system as defined in Claim 1, wherein said licensing library means checks out said license of said application in response to a positive comparison of the license information.
11. The licensing library means as defined in Claim 10, wherein said license for said application being checked out after said licensing library verifies said license token means.
12. In a computer network environment including a plurality of software applications licensed to run on at least one network of agents, said applications located on said agents wherein use of the application on a particular agent is permitted upon the grant of a license, said license being requested by a user from said agent of said applications, a system for protecting against the unauthorized use of said applications comprising:
license token means for storing licensing information of said applications;
license server means connected to said agents for communicating with said applications, said license server means having a database which stores said license token means, said license server means further retrieving said license token means from said database upon a request for a license by said applications, said license server means further transmitting said license token means to said applications;
license access means connected to said application and accessible from said agents for decoding and encoding said license token means from said license server means, said license access means being integrated with said applications;
licensing library means connected to said application and accessible from said agents for verifying said decoded license token means before access to said license is granted, said licensing library means being integrated with said applications; and license binding means connected to said license server means and to said licensing library means for constructing a binding file, said binding file informing said licensing library means which of said license server means may grant a license to said application.
license token means for storing licensing information of said applications;
license server means connected to said agents for communicating with said applications, said license server means having a database which stores said license token means, said license server means further retrieving said license token means from said database upon a request for a license by said applications, said license server means further transmitting said license token means to said applications;
license access means connected to said application and accessible from said agents for decoding and encoding said license token means from said license server means, said license access means being integrated with said applications;
licensing library means connected to said application and accessible from said agents for verifying said decoded license token means before access to said license is granted, said licensing library means being integrated with said applications; and license binding means connected to said license server means and to said licensing library means for constructing a binding file, said binding file informing said licensing library means which of said license server means may grant a license to said application.
13. The system as defined in Claim 12, wherein said licensing library means are located on the same agents as said applications.
14. The system as defined in Claim 12, wherein said license server means are located on the same agents as said licensing library means.
15. The system as defined in Claim 12, wherein each said license token means contains licensing information for at least one version of each of said applications.
16. The system as defined in Claim 12, wherein the contents of said license means is encrypted.
17. The system as defined in Claim 12, wherein said license token means is passed between said license server means and said licensing library means for a predetermined time period.
18. The license token means as defined in Claim 17, wherein, during said predetermined time period, only one of said applications may check out one said license token means.
19. The system as defined in Claim 12, wherein said license server means further transmit said license token means to said licensing library means.
20. The system as defined in Claim 12, wherein said license access means decodes the contents of said license token means before said licensing library means verifies said license token means.
21. The system as defined in Claim 12, wherein said license access means encodes said license token means after said licensing library verifies said license token means and prior to returning said license token means to said license server means.
22. The system as defined in Claim 12, wherein said license binding means constructs said binding file by contacting each said license server means to request for a list of applications it serves, said binding file containing said list of applications available from said license server means.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US07/415,984 US5138712A (en) | 1989-10-02 | 1989-10-02 | Apparatus and method for licensing software on a network of computers |
US415,984 | 1989-10-02 |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2025434A1 CA2025434A1 (en) | 1991-04-03 |
CA2025434C true CA2025434C (en) | 1995-11-28 |
Family
ID=23648047
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002025434A Expired - Fee Related CA2025434C (en) | 1989-10-02 | 1990-09-14 | Method for protecting against the unauthorized use of software in a computer network environment |
Country Status (5)
Country | Link |
---|---|
US (1) | US5138712A (en) |
JP (1) | JP2928949B2 (en) |
CA (1) | CA2025434C (en) |
GB (1) | GB2236604B (en) |
HK (1) | HK48594A (en) |
Families Citing this family (478)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CA1337132C (en) | 1988-07-15 | 1995-09-26 | Robert Filepp | Reception system for an interactive computer network and method of operation |
DE69031164T2 (en) * | 1989-09-14 | 1998-01-02 | Fujitsu Ltd | LIMITED TIME CENTER SYSTEM FOR DECENTRALIZED DATABASE SYSTEM |
AU639802B2 (en) * | 1990-08-14 | 1993-08-05 | Oracle International Corporation | Methods and apparatus for providing dynamic invocation of applications in a distributed heterogeneous environment |
AU628264B2 (en) * | 1990-08-14 | 1992-09-10 | Oracle International Corporation | Methods and apparatus for providing a client interface to an object-oriented invocation of an application |
US5559955A (en) * | 1990-09-17 | 1996-09-24 | Cabletron Systems, Inc. | Method and apparatus for monitoring the status of non-pollable device in a computer network |
US5751933A (en) * | 1990-09-17 | 1998-05-12 | Dev; Roger H. | System for determining the status of an entity in a computer network |
DE69126666T2 (en) * | 1990-09-17 | 1998-02-12 | Cabletron Systems Inc | NETWORK MANAGEMENT SYSTEM WITH MODEL-BASED INTELLIGENCE |
US5295244A (en) * | 1990-09-17 | 1994-03-15 | Cabletron Systems, Inc. | Network management system using interconnected hierarchies to represent different network dimensions in multiple display views |
US5727157A (en) * | 1990-09-17 | 1998-03-10 | Cabletron Systems, Inc. | Apparatus and method for determining a computer network topology |
JP3270102B2 (en) * | 1991-03-11 | 2002-04-02 | ヒューレット・パッカード・カンパニー | Licensing method and system |
US6601095B1 (en) * | 1991-04-18 | 2003-07-29 | International Business Machines Corporation | Method and apparatus for remote administration of programmable workstations in a data processing system |
JP3032788B2 (en) * | 1991-05-08 | 2000-04-17 | ディジタル イクイプメント コーポレイション | License management system |
DE59109081D1 (en) * | 1991-06-21 | 1999-02-04 | Ibm | Access control in computer networks |
US5438508A (en) * | 1991-06-28 | 1995-08-01 | Digital Equipment Corporation | License document interchange format for license management system |
US5204897A (en) * | 1991-06-28 | 1993-04-20 | Digital Equipment Corporation | Management interface for license management system |
US5301316A (en) * | 1991-10-30 | 1994-04-05 | Sun Microsystems, Inc. | System for determination of the equivalence of two objects without compromising then done by a third object nominated by one and accetped by the other |
WO1993011480A1 (en) * | 1991-11-27 | 1993-06-10 | Intergraph Corporation | System and method for network license administration |
US5528490A (en) * | 1992-04-10 | 1996-06-18 | Charles E. Hill & Associates, Inc. | Electronic catalog system and method |
US7370008B1 (en) | 1992-04-10 | 2008-05-06 | Charles E. Hill & Associates, Inc. | Electronic catalog system and method |
FR2697357B1 (en) * | 1992-10-23 | 1994-12-23 | Gemplus Card Int | Software acquisition process and computer system for implementing the process. |
US5784622A (en) * | 1992-11-18 | 1998-07-21 | Canon Kabushiki Kaisha | Method and apparatus for multiprotocol operation of a networked peripheral |
US7831516B2 (en) * | 1992-12-15 | 2010-11-09 | Sl Patent Holdings Llc | System and method for redistributing and licensing access to protected information among a plurality of devices |
US6266654B1 (en) | 1992-12-15 | 2001-07-24 | Softlock.Com, Inc. | Method for tracking software lineage |
US7089212B2 (en) * | 1992-12-15 | 2006-08-08 | Sl Patent Holdings Llc | System and method for controlling access to protected information |
JPH06187275A (en) * | 1992-12-18 | 1994-07-08 | Fujitsu Ltd | Testing method for server application |
US6193520B1 (en) * | 1993-05-10 | 2001-02-27 | Yugengaisha Adachi International | Interactive communication system for communicating video game and karaoke software |
JPH10511783A (en) * | 1993-08-04 | 1998-11-10 | トレンド・マイクロ・インコーポレイテッド | Method and apparatus for controlling network and workstation access prior to workstation boot |
US5444850A (en) * | 1993-08-04 | 1995-08-22 | Trend Micro Devices Incorporated | Method and apparatus for controlling network and workstation access prior to workstation boot |
IL110891A (en) * | 1993-09-14 | 1999-03-12 | Spyrus | System and method for data access control |
US5343527A (en) * | 1993-10-27 | 1994-08-30 | International Business Machines Corporation | Hybrid encryption method and system for protecting reusable software components |
US5455953A (en) * | 1993-11-03 | 1995-10-03 | Wang Laboratories, Inc. | Authorization system for obtaining in single step both identification and access rights of client to server directly from encrypted authorization ticket |
US5625690A (en) * | 1993-11-15 | 1997-04-29 | Lucent Technologies Inc. | Software pay per use system |
US6122403A (en) | 1995-07-27 | 2000-09-19 | Digimarc Corporation | Computer system linked by using information in data objects |
US6681029B1 (en) | 1993-11-18 | 2004-01-20 | Digimarc Corporation | Decoding steganographic messages embedded in media signals |
US7044395B1 (en) | 1993-11-18 | 2006-05-16 | Digimarc Corporation | Embedding and reading imperceptible codes on objects |
US6681028B2 (en) | 1995-07-27 | 2004-01-20 | Digimarc Corporation | Paper-based control of computer systems |
US5841978A (en) | 1993-11-18 | 1998-11-24 | Digimarc Corporation | Network linking method using steganographically embedded data objects |
US6449377B1 (en) | 1995-05-08 | 2002-09-10 | Digimarc Corporation | Methods and systems for watermark processing of line art images |
JPH07219763A (en) * | 1994-02-03 | 1995-08-18 | Canon Inc | Method and device for registering/starting software |
US5553143A (en) * | 1994-02-04 | 1996-09-03 | Novell, Inc. | Method and apparatus for electronic licensing |
JPH07230380A (en) * | 1994-02-15 | 1995-08-29 | Internatl Business Mach Corp <Ibm> | Method and system for controlling utilization of application program |
US7039214B2 (en) | 1999-11-05 | 2006-05-02 | Digimarc Corporation | Embedding watermark components during separate printing stages |
US6522770B1 (en) | 1999-05-19 | 2003-02-18 | Digimarc Corporation | Management of documents and other objects using optical devices |
US6869023B2 (en) | 2002-02-12 | 2005-03-22 | Digimarc Corporation | Linking documents through digital watermarking |
US5553139A (en) * | 1994-04-04 | 1996-09-03 | Novell, Inc. | Method and apparatus for electronic license distribution |
US5479612A (en) * | 1994-04-13 | 1995-12-26 | Unisys Corporation | Automated system and method to discourage access of unlicensed peripheral devices by a computer system |
US5473692A (en) * | 1994-09-07 | 1995-12-05 | Intel Corporation | Roving software license for a hardware agent |
WO1995034857A1 (en) * | 1994-06-14 | 1995-12-21 | Smith James P | Apparatus and method for controlling the registration, paid licensing and metered usage of software products |
JP3042309B2 (en) * | 1994-06-23 | 2000-05-15 | 日本電気株式会社 | Software license system |
US5590266A (en) * | 1994-10-11 | 1996-12-31 | International Business Machines Corporation | Integrity mechanism for data transfer in a windowing system |
US7424731B1 (en) | 1994-10-12 | 2008-09-09 | Touchtunes Music Corporation | Home digital audiovisual information recording and playback system |
US8661477B2 (en) | 1994-10-12 | 2014-02-25 | Touchtunes Music Corporation | System for distributing and selecting audio and video information and method implemented by said system |
CA2201909C (en) | 1994-10-12 | 2006-05-02 | Technical Maintenance Corporation | Intelligent digital audiovisual playback system |
US7188352B2 (en) | 1995-07-11 | 2007-03-06 | Touchtunes Music Corporation | Intelligent digital audiovisual playback system |
US8094949B1 (en) | 1994-10-21 | 2012-01-10 | Digimarc Corporation | Music methods and systems |
JPH08123681A (en) * | 1994-10-26 | 1996-05-17 | Canon Inc | Management system and terminal device |
US5634012A (en) * | 1994-11-23 | 1997-05-27 | Xerox Corporation | System for controlling the distribution and use of digital works having a fee reporting mechanism |
US5715403A (en) * | 1994-11-23 | 1998-02-03 | Xerox Corporation | System for controlling the distribution and use of digital works having attached usage rights where the usage rights are defined by a usage rights grammar |
JPH08263438A (en) | 1994-11-23 | 1996-10-11 | Xerox Corp | Distribution and use control system of digital work and access control method to digital work |
US7117180B1 (en) | 1994-11-23 | 2006-10-03 | Contentguard Holdings, Inc. | System for controlling the use of digital works using removable content repositories |
US6963859B2 (en) | 1994-11-23 | 2005-11-08 | Contentguard Holdings, Inc. | Content rendering repository |
US20050149450A1 (en) * | 1994-11-23 | 2005-07-07 | Contentguard Holdings, Inc. | System, method, and device for controlling distribution and use of digital works based on a usage rights grammar |
US5629980A (en) * | 1994-11-23 | 1997-05-13 | Xerox Corporation | System for controlling the distribution and use of digital works |
US6865551B1 (en) | 1994-11-23 | 2005-03-08 | Contentguard Holdings, Inc. | Removable content repositories |
US5802590A (en) * | 1994-12-13 | 1998-09-01 | Microsoft Corporation | Method and system for providing secure access to computer resources |
EP1431864B2 (en) * | 1995-02-13 | 2012-08-22 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
US5943422A (en) | 1996-08-12 | 1999-08-24 | Intertrust Technologies Corp. | Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels |
US5892900A (en) | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
US6157721A (en) | 1996-08-12 | 2000-12-05 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
US7165174B1 (en) * | 1995-02-13 | 2007-01-16 | Intertrust Technologies Corp. | Trusted infrastructure support systems, methods and techniques for secure electronic commerce transaction and rights management |
US6658568B1 (en) * | 1995-02-13 | 2003-12-02 | Intertrust Technologies Corporation | Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management |
US6948070B1 (en) | 1995-02-13 | 2005-09-20 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
US7133846B1 (en) * | 1995-02-13 | 2006-11-07 | Intertrust Technologies Corp. | Digital certificate support system, methods and techniques for secure electronic commerce transaction and rights management |
US5651064A (en) * | 1995-03-08 | 1997-07-22 | 544483 Alberta Ltd. | System for preventing piracy of recorded media |
US5661803A (en) * | 1995-03-31 | 1997-08-26 | Pitney Bowes Inc. | Method of token verification in a key management system |
US6760463B2 (en) | 1995-05-08 | 2004-07-06 | Digimarc Corporation | Watermarking methods and media |
US5729682A (en) * | 1995-06-07 | 1998-03-17 | International Business Machines Corporation | System for prompting parameters required by a network application and using data structure to establish connections between local computer, application and resources required by application |
US7171018B2 (en) | 1995-07-27 | 2007-01-30 | Digimarc Corporation | Portable devices and methods employing digital watermarking |
US6411725B1 (en) | 1995-07-27 | 2002-06-25 | Digimarc Corporation | Watermark enabled video objects |
US7051086B2 (en) | 1995-07-27 | 2006-05-23 | Digimarc Corporation | Method of linking on-line data to printed documents |
US6408331B1 (en) | 1995-07-27 | 2002-06-18 | Digimarc Corporation | Computer linking methods using encoded graphics |
US5742759A (en) * | 1995-08-18 | 1998-04-21 | Sun Microsystems, Inc. | Method and system for facilitating access control to system resources in a distributed computer system |
US5758068A (en) * | 1995-09-19 | 1998-05-26 | International Business Machines Corporation | Method and apparatus for software license management |
US5765152A (en) * | 1995-10-13 | 1998-06-09 | Trustees Of Dartmouth College | System and method for managing copyrighted electronic media |
US7047241B1 (en) | 1995-10-13 | 2006-05-16 | Digimarc Corporation | System and methods for managing digital creative works |
US6807534B1 (en) * | 1995-10-13 | 2004-10-19 | Trustees Of Dartmouth College | System and method for managing copyrighted electronic media |
US5937164A (en) * | 1995-12-07 | 1999-08-10 | Hyperlock Technologies, Inc. | Method and apparatus of secure server control of local media via a trigger through a network for instant local access of encrypted data on local media within a platform independent networking system |
US5793982A (en) * | 1995-12-07 | 1998-08-11 | International Business Machine Corporation | Validating an installation plan containing multiple transports and redirectors by adding data structure of the modules to the plan if the indicated transport and redirector modules are unavailable |
US5966715A (en) * | 1995-12-29 | 1999-10-12 | Csg Systems, Inc. | Application and database security and integrity system and method |
WO1997025798A1 (en) * | 1996-01-11 | 1997-07-17 | Mrj, Inc. | System for controlling access and distribution of digital property |
DE69722277T2 (en) * | 1996-01-31 | 2004-04-01 | Canon K.K. | Billing device and an information distribution system using the billing device |
US5826014A (en) * | 1996-02-06 | 1998-10-20 | Network Engineering Software | Firewall system for protecting network elements connected to a public network |
US5898830A (en) * | 1996-10-17 | 1999-04-27 | Network Engineering Software | Firewall providing enhanced network security and user transparency |
US20060265337A1 (en) * | 1996-02-26 | 2006-11-23 | Graphon Corporation | Automated system for management of licensed digital assets |
US20010011253A1 (en) * | 1998-08-04 | 2001-08-02 | Christopher D. Coley | Automated system for management of licensed software |
US5790664A (en) * | 1996-02-26 | 1998-08-04 | Network Engineering Software, Inc. | Automated system for management of licensed software |
US5758069A (en) * | 1996-03-15 | 1998-05-26 | Novell, Inc. | Electronic licensing system |
US5905860A (en) * | 1996-03-15 | 1999-05-18 | Novell, Inc. | Fault tolerant electronic licensing system |
US5970471A (en) * | 1996-03-22 | 1999-10-19 | Charles E. Hill & Associates, Inc. | Virtual catalog and product presentation method and apparatus |
DE19612999C2 (en) * | 1996-03-22 | 1999-04-01 | Wasy Ges Fuer Wasserwirtschaft | System for protecting protected software against unauthorized use in computer networks |
US5864620A (en) * | 1996-04-24 | 1999-01-26 | Cybersource Corporation | Method and system for controlling distribution of software in a multitiered distribution chain |
EP0809221A3 (en) * | 1996-05-23 | 1999-06-30 | Sun Microsystems, Inc. | Virtual vending system and method for managing the distribution, licensing and rental of electronic data |
US5742757A (en) * | 1996-05-30 | 1998-04-21 | Mitsubishi Semiconductor America, Inc. | Automatic software license manager |
US7555458B1 (en) | 1996-06-05 | 2009-06-30 | Fraud Control System.Com Corporation | Method of billing a purchase made over a computer network |
US8229844B2 (en) | 1996-06-05 | 2012-07-24 | Fraud Control Systems.Com Corporation | Method of billing a purchase made over a computer network |
US20030195847A1 (en) | 1996-06-05 | 2003-10-16 | David Felger | Method of billing a purchase made over a computer network |
US5943424A (en) * | 1996-06-17 | 1999-08-24 | Hewlett-Packard Company | System, method and article of manufacture for processing a plurality of transactions from a single initiation point on a multichannel, extensible, flexible architecture |
US5864665A (en) * | 1996-08-20 | 1999-01-26 | International Business Machines Corporation | Auditing login activity in a distributed computing environment |
GB2316503B (en) * | 1996-08-22 | 2000-11-15 | Icl Personal Systems Oy | Software licence management |
FR2753868A1 (en) | 1996-09-25 | 1998-03-27 | Technical Maintenance Corp | METHOD FOR SELECTING A RECORDING ON AN AUDIOVISUAL DIGITAL REPRODUCTION SYSTEM AND SYSTEM FOR IMPLEMENTING THE METHOD |
US5754763A (en) * | 1996-10-01 | 1998-05-19 | International Business Machines Corporation | Software auditing mechanism for a distributed computer enterprise environment |
US5797016A (en) * | 1996-10-29 | 1998-08-18 | Cheyenne Software Inc. | Regeneration agent for back-up software |
US6212634B1 (en) | 1996-11-15 | 2001-04-03 | Open Market, Inc. | Certifying authorization in computer networks |
US6192131B1 (en) | 1996-11-15 | 2001-02-20 | Securities Industry Automation Corporation | Enabling business transactions in computer networks |
US5949059A (en) * | 1996-12-09 | 1999-09-07 | International Business Machines Corporation | Tamper evident labelling system with embedded storage device |
US6029145A (en) * | 1997-01-06 | 2000-02-22 | Isogon Corporation | Software license verification process and apparatus |
JP3924342B2 (en) * | 1997-02-14 | 2007-06-06 | 富士通株式会社 | Software license management system and software license management apparatus |
US6233684B1 (en) | 1997-02-28 | 2001-05-15 | Contenaguard Holdings, Inc. | System for controlling the distribution and use of rendered digital works through watermaking |
US5922074A (en) * | 1997-02-28 | 1999-07-13 | Xcert Software, Inc. | Method of and apparatus for providing secure distributed directory services and public key infrastructure |
US5995624A (en) * | 1997-03-10 | 1999-11-30 | The Pacid Group | Bilateral authentication and information encryption token system and method |
US5995625A (en) * | 1997-03-24 | 1999-11-30 | Certco, Llc | Electronic cryptographic packing |
US6041411A (en) * | 1997-03-28 | 2000-03-21 | Wyatt; Stuart Alan | Method for defining and verifying user access rights to a computer information |
US6023763A (en) * | 1997-04-23 | 2000-02-08 | Fisher Controls International, Inc. | Method of and apparatus for protecting and upgrading software using a removable hardlock |
US6173403B1 (en) * | 1997-04-30 | 2001-01-09 | Achates Reference Publishing, Inc. | Method and apparatus for distributing information products |
US6112192A (en) * | 1997-05-09 | 2000-08-29 | International Business Machines Corp. | Method for providing individually customized content in a network |
EP0878796B1 (en) * | 1997-05-13 | 2006-04-19 | Kabushiki Kaisha Toshiba | Information recording apparatus, information reproducing apparatus, and information distribution system |
US7290288B2 (en) * | 1997-06-11 | 2007-10-30 | Prism Technologies, L.L.C. | Method and system for controlling access, by an authentication server, to protected computer resources provided via an internet protocol network |
US6021438A (en) * | 1997-06-18 | 2000-02-01 | Wyatt River Software, Inc. | License management system using daemons and aliasing |
US6453352B1 (en) * | 1997-07-14 | 2002-09-17 | Electronic Data Systems Corporation | Integrated electronic commerce system and method |
US6065117A (en) * | 1997-07-16 | 2000-05-16 | International Business Machines Corporation | Systems, methods and computer program products for sharing state information between a stateless server and a stateful client |
US7574727B2 (en) | 1997-07-23 | 2009-08-11 | Touchtunes Music Corporation | Intelligent digital audiovisual playback system |
US7127420B1 (en) * | 1997-08-01 | 2006-10-24 | Financial Systems Technology (Intellectual Property) Pty. Ltd. | Data processing system for complex pricing and transactional analysis |
US6009525A (en) * | 1997-08-29 | 1999-12-28 | Preview Systems, Inc. | Multi-tier electronic software distribution |
US6684198B1 (en) * | 1997-09-03 | 2004-01-27 | Sega Enterprises, Ltd. | Program data distribution via open network |
FR2769165B1 (en) | 1997-09-26 | 2002-11-29 | Technical Maintenance Corp | WIRELESS SYSTEM WITH DIGITAL TRANSMISSION FOR SPEAKERS |
US7092914B1 (en) * | 1997-11-06 | 2006-08-15 | Intertrust Technologies Corporation | Methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information |
US6289452B1 (en) * | 1997-11-07 | 2001-09-11 | Cybersource Corporation | Method and system for delivering digital products electronically |
AU757557B2 (en) * | 1997-11-13 | 2003-02-27 | Intellectual Ventures I Llc | File transfer system |
US6185624B1 (en) | 1998-02-04 | 2001-02-06 | 3Com Corporation | Method and system for cable modem management of a data-over-cable system |
US6058421A (en) * | 1998-02-04 | 2000-05-02 | 3Com Corporation | Method and system for addressing network host interfaces from a cable modem using DHCP |
US6240464B1 (en) | 1998-02-04 | 2001-05-29 | 3Com Corporation | Method and system for managing addresses for network host interfaces in a data-over-cable system |
US6049826A (en) * | 1998-02-04 | 2000-04-11 | 3Com Corporation | Method and system for cable modem initialization using dynamic servers |
US6170061B1 (en) | 1998-02-04 | 2001-01-02 | 3Com Corporation | Method and system for secure cable modem registration |
US6065049A (en) * | 1998-02-04 | 2000-05-16 | 3Com Corporation | Method and system for resolving addresses for network host interfaces from a cable modem |
US6070246A (en) * | 1998-02-04 | 2000-05-30 | 3Com Corporation | Method and system for secure cable modem initialization |
US6189146B1 (en) * | 1998-03-18 | 2001-02-13 | Microsoft Corporation | System and method for software licensing |
US7171662B1 (en) * | 1998-03-18 | 2007-01-30 | Microsoft Corporation | System and method for software licensing |
US6202056B1 (en) * | 1998-04-03 | 2001-03-13 | Audiosoft, Inc. | Method for computer network operation providing basis for usage fees |
US7051004B2 (en) * | 1998-04-03 | 2006-05-23 | Macrovision Corporation | System and methods providing secure delivery of licenses and content |
US6374357B1 (en) * | 1998-04-16 | 2002-04-16 | Microsoft Corporation | System and method for regulating a network service provider's ability to host distributed applications in a distributed processing environment |
US6370147B1 (en) | 1998-04-23 | 2002-04-09 | 3Com Corporation | Method for addressing of passive network hosts in a data-over-cable system |
US6636485B1 (en) | 1998-05-14 | 2003-10-21 | 3Com Corporation | Method and system for providing quality-of-service in a data-over-cable system |
US6223222B1 (en) | 1998-05-14 | 2001-04-24 | 3Com Corporation | Method and system for providing quality-of-service in a data-over-cable system using configuration protocol messaging |
JPH11328033A (en) * | 1998-05-20 | 1999-11-30 | Fujitsu Ltd | License transfer device |
US6331987B1 (en) | 1998-05-27 | 2001-12-18 | 3Com Corporation | Method and system for bundling data in a data-over-cable system |
US6560203B1 (en) | 1998-05-27 | 2003-05-06 | 3Com Corporation | Method for changing type-of-service in a data-over-cable system |
US6775276B1 (en) | 1998-05-27 | 2004-08-10 | 3Com Corporation | Method and system for seamless address allocation in a data-over-cable system |
US6295554B1 (en) | 1998-05-27 | 2001-09-25 | 3Com Corporation | System and method for communicating with a telco-return cable modem as a single communications device |
US6510162B1 (en) | 1998-05-27 | 2003-01-21 | 3Com Corporation | System and method for managing channel usage in a data over cable system |
US6275853B1 (en) | 1998-05-27 | 2001-08-14 | 3Com Corporation | System and method for extending communications features using generic management information base objects |
US6189102B1 (en) | 1998-05-27 | 2001-02-13 | 3Com Corporation | Method for authentication of network devices in a data-over cable system |
US6442158B1 (en) | 1998-05-27 | 2002-08-27 | 3Com Corporation | Method and system for quality-of-service based data forwarding in a data-over-cable system |
US6219652B1 (en) | 1998-06-01 | 2001-04-17 | Novell, Inc. | Network license authentication |
US6505300B2 (en) | 1998-06-12 | 2003-01-07 | Microsoft Corporation | Method and system for secure running of untrusted content |
US6279111B1 (en) | 1998-06-12 | 2001-08-21 | Microsoft Corporation | Security model using restricted tokens |
US6308274B1 (en) * | 1998-06-12 | 2001-10-23 | Microsoft Corporation | Least privilege via restricted tokens |
US6308273B1 (en) | 1998-06-12 | 2001-10-23 | Microsoft Corporation | Method and system of security location discrimination |
FR2781582B1 (en) | 1998-07-21 | 2001-01-12 | Technical Maintenance Corp | SYSTEM FOR DOWNLOADING OBJECTS OR FILES FOR SOFTWARE UPDATE |
FR2781593B1 (en) | 1998-07-22 | 2001-01-12 | Technical Maintenance Corp | REMOTE CONTROL FOR INTELLIGENT DIGITAL AUDIOVISUAL REPRODUCTION SYSTEM |
FR2781591B1 (en) | 1998-07-22 | 2000-09-22 | Technical Maintenance Corp | AUDIOVISUAL REPRODUCTION SYSTEM |
US8028318B2 (en) | 1999-07-21 | 2011-09-27 | Touchtunes Music Corporation | Remote control unit for activating and deactivating means for payment and for displaying payment status |
FR2781580B1 (en) | 1998-07-22 | 2000-09-22 | Technical Maintenance Corp | SOUND CONTROL CIRCUIT FOR INTELLIGENT DIGITAL AUDIOVISUAL REPRODUCTION SYSTEM |
AU6499699A (en) | 1998-09-29 | 2000-04-17 | Stamps.Com, Inc. | On-line postage system |
US6892229B1 (en) | 1998-09-30 | 2005-05-10 | 3Com Corporation | System and method for assigning dynamic host configuration protocol parameters in devices using resident network interfaces |
US6212563B1 (en) | 1998-10-01 | 2001-04-03 | 3Com Corporation | Method and system for setting and managing externally provided internet protocol addresses using the dynamic host configuration protocol |
US7068787B1 (en) | 1998-10-23 | 2006-06-27 | Contentguard Holdings, Inc. | System and method for protection of digital works |
US6272469B1 (en) | 1998-11-25 | 2001-08-07 | Ge Medical Systems Global Technology Company, Llc | Imaging system protocol handling method and apparatus |
US6662135B1 (en) | 1998-12-09 | 2003-12-09 | 3Com Corporation | Method and apparatus for reflective mixer testing of a cable modem |
US6351773B1 (en) | 1998-12-21 | 2002-02-26 | 3Com Corporation | Methods for restricting access of network devices to subscription services in a data-over-cable system |
US6986157B1 (en) | 1998-12-21 | 2006-01-10 | 3Com Corporation | Method and system for dynamic service registration in a data-over-cable system |
US6657991B1 (en) | 1998-12-21 | 2003-12-02 | 3Com Corporation | Method and system for provisioning network addresses in a data-over-cable system |
US6577642B1 (en) | 1999-01-15 | 2003-06-10 | 3Com Corporation | Method and system for virtual network administration with a data-over cable system |
US6173446B1 (en) * | 1999-02-02 | 2001-01-09 | Ultimus, Inc. | Apparatus for licensing software applications |
GB2346989A (en) * | 1999-02-19 | 2000-08-23 | Ibm | Software licence management system uses clustered licence servers |
US8726330B2 (en) | 1999-02-22 | 2014-05-13 | Touchtunes Music Corporation | Intelligent digital audiovisual playback system |
US7099338B1 (en) | 1999-02-27 | 2006-08-29 | 3Com Corporation | System and method for insuring dynamic host configuration protocol operation by a host connected to a data network |
US6694320B1 (en) * | 1999-03-01 | 2004-02-17 | Mitel, Inc. | Branding dynamic link libraries |
JP2000260121A (en) * | 1999-03-05 | 2000-09-22 | Toshiba Corp | Information reproducing device and information recording device |
US6868497B1 (en) * | 1999-03-10 | 2005-03-15 | Digimarc Corporation | Method and apparatus for automatic ID management |
US6223291B1 (en) * | 1999-03-26 | 2001-04-24 | Motorola, Inc. | Secure wireless electronic-commerce system with digital product certificates and digital license certificates |
US6937726B1 (en) | 1999-04-06 | 2005-08-30 | Contentguard Holdings, Inc. | System and method for protecting data files by periodically refreshing a decryption key |
US6859533B1 (en) | 1999-04-06 | 2005-02-22 | Contentguard Holdings, Inc. | System and method for transferring the right to decode messages in a symmetric encoding scheme |
US7286665B1 (en) | 1999-04-06 | 2007-10-23 | Contentguard Holdings, Inc. | System and method for transferring the right to decode messages |
US7356688B1 (en) | 1999-04-06 | 2008-04-08 | Contentguard Holdings, Inc. | System and method for document distribution |
US6611868B1 (en) | 1999-05-21 | 2003-08-26 | 3Com Corporation | Method and system for automatic link hang up |
US6654387B1 (en) | 1999-05-21 | 2003-11-25 | 3Com Corporation | Method for network address table maintenance in a data-over-cable system using a network device registration procedure |
US6697862B1 (en) | 1999-05-21 | 2004-02-24 | 3Com Corporation | System and method for network address maintenance using dynamic host configuration protocol messages in a data-over-cable system |
US6754622B1 (en) | 1999-05-24 | 2004-06-22 | 3Com Corporation | Method for network address table maintenance in a data-over-cable system using destination reachibility |
US6985437B1 (en) | 1999-05-25 | 2006-01-10 | 3Com Corporation | Method for dynamic performance optimization in a data-over-cable system |
US6785292B1 (en) | 1999-05-28 | 2004-08-31 | 3Com Corporation | Method for detecting radio frequency impairments in a data-over-cable system |
US8103542B1 (en) | 1999-06-29 | 2012-01-24 | Digimarc Corporation | Digitally marked objects and promotional methods |
FR2796482B1 (en) | 1999-07-16 | 2002-09-06 | Touchtunes Music Corp | REMOTE MANAGEMENT SYSTEM FOR AT LEAST ONE AUDIOVISUAL INFORMATION REPRODUCING DEVICE |
US7716348B1 (en) * | 1999-09-03 | 2010-05-11 | Safenet, Inc. | License management system and method with license balancing |
US7035918B1 (en) | 1999-09-03 | 2006-04-25 | Safenet Canada. Inc. | License management system and method with multiple license servers |
US6968384B1 (en) | 1999-09-03 | 2005-11-22 | Safenet, Inc. | License management system and method for commuter licensing |
US6842896B1 (en) | 1999-09-03 | 2005-01-11 | Rainbow Technologies, Inc. | System and method for selecting a server in a multiple server license management system |
US6553568B1 (en) | 1999-09-29 | 2003-04-22 | 3Com Corporation | Methods and systems for service level agreement enforcement on a data-over cable system |
US6885748B1 (en) | 1999-10-23 | 2005-04-26 | Contentguard Holdings, Inc. | System and method for protection of digital works |
US6539501B1 (en) | 1999-12-16 | 2003-03-25 | International Business Machines Corporation | Method, system, and program for logging statements to monitor execution of a program |
US6816842B1 (en) * | 1999-12-31 | 2004-11-09 | Ge Medical Technology Services, Inc. | Method and apparatus for automatically processing business contract information into licensed end-user application |
KR20010076025A (en) * | 2000-01-24 | 2001-08-11 | 이승룡 | A method for transmitting a encrypted file in the computer network for only selected-client's usage |
FR2805377B1 (en) | 2000-02-23 | 2003-09-12 | Touchtunes Music Corp | EARLY ORDERING PROCESS FOR A SELECTION, DIGITAL SYSTEM AND JUKE-BOX FOR IMPLEMENTING THE METHOD |
FR2805060B1 (en) | 2000-02-16 | 2005-04-08 | Touchtunes Music Corp | METHOD FOR RECEIVING FILES DURING DOWNLOAD |
FR2805072B1 (en) | 2000-02-16 | 2002-04-05 | Touchtunes Music Corp | METHOD FOR ADJUSTING THE SOUND VOLUME OF A DIGITAL SOUND RECORDING |
JP4086445B2 (en) * | 2000-03-09 | 2008-05-14 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Information transmission method, network provider server, information terminal, and method in information terminal |
EP1134643A3 (en) * | 2000-03-14 | 2007-01-17 | Sony Corporation | Information providing apparatus and method, information processing apparatus and method, program storage medium, program, and information providing system |
US8635160B2 (en) * | 2000-03-14 | 2014-01-21 | Sony Corporation | Information providing apparatus and method, information processing apparatus and method, program storage medium, program, and information providing system |
JP3281920B2 (en) * | 2000-03-14 | 2002-05-13 | 東北大学長 | Method for producing allylfuran compound |
AU2001242114B2 (en) * | 2000-03-28 | 2006-08-10 | Optimiser Pty. Ltd. | Authorising use of a computer program |
AUPQ654400A0 (en) | 2000-03-28 | 2000-04-20 | Optimiser Pty Ltd | Authorising use of a computer program |
US7089580B1 (en) | 2000-03-29 | 2006-08-08 | 3Com Corporation | Method for improved cable modem ranging in a data-over-cable system |
US6948168B1 (en) * | 2000-03-30 | 2005-09-20 | International Business Machines Corporation | Licensed application installer |
EP1146684B1 (en) * | 2000-04-10 | 2005-11-16 | Hewlett-Packard Company | Limited printing of electronically transmitted information |
US6804262B1 (en) | 2000-04-28 | 2004-10-12 | 3Com Corporation | Method and apparatus for channel determination through power measurements |
US7111168B2 (en) | 2000-05-01 | 2006-09-19 | Digimarc Corporation | Digital watermarking systems |
KR20000053933A (en) * | 2000-05-10 | 2000-09-05 | 류종렬 | System for confirming of original software and the method thereof |
FR2808906B1 (en) | 2000-05-10 | 2005-02-11 | Touchtunes Music Corp | DEVICE AND METHOD FOR REMOTELY MANAGING A NETWORK OF AUDIOVISUAL INFORMATION REPRODUCTION SYSTEMS |
TW569130B (en) * | 2000-05-29 | 2004-01-01 | Sony Corp | Data providing device and method, data processing device and method and program storage media |
WO2001095175A2 (en) * | 2000-06-05 | 2001-12-13 | Sealedmedia Limited | Digital rights management |
US6944881B1 (en) | 2000-06-19 | 2005-09-13 | 3Com Corporation | Method for using an initial maintenance opportunity for non-contention ranging |
FR2811175B1 (en) * | 2000-06-29 | 2002-12-27 | Touchtunes Music Corp | AUDIOVISUAL INFORMATION DISTRIBUTION METHOD AND AUDIOVISUAL INFORMATION DISTRIBUTION SYSTEM |
US7695363B2 (en) | 2000-06-23 | 2010-04-13 | Igt | Gaming device having multiple display interfaces |
US6731313B1 (en) | 2000-06-23 | 2004-05-04 | Igt | Gaming device having touch activated alternating or changing symbol |
US7699699B2 (en) | 2000-06-23 | 2010-04-20 | Igt | Gaming device having multiple selectable display interfaces based on player's wagers |
US7158953B1 (en) * | 2000-06-27 | 2007-01-02 | Microsoft Corporation | Method and system for limiting the use of user-specific software features |
FR2811114B1 (en) | 2000-06-29 | 2002-12-27 | Touchtunes Music Corp | DEVICE AND METHOD FOR COMMUNICATION BETWEEN A SYSTEM FOR REPRODUCING AUDIOVISUAL INFORMATION AND AN ELECTRONIC ENTERTAINMENT MACHINE |
DE10032192A1 (en) * | 2000-07-01 | 2002-01-10 | Bosch Gmbh Robert | Software usage license management method involves checking assigned software usage quota, on detecting utilization of software by user and generating software enable or blocking code accordingly |
DE10032015A1 (en) * | 2000-07-01 | 2002-01-10 | Roche Diagnostics Gmbh | Test strip analysis unit for bodily fluid, employs temperature history correction system which will not drain batteries |
US6816500B1 (en) | 2000-07-10 | 2004-11-09 | 3Com Corporation | Apparatus, method and system for multimedia access network channel management |
US6498937B1 (en) | 2000-07-14 | 2002-12-24 | Trw Inc. | Asymmetric bandwidth wireless communication techniques |
US20020022971A1 (en) * | 2000-08-21 | 2002-02-21 | Masanori Tanaka | Software rental system, software rental method, and computer program for being executed on the software rental system |
US7913095B2 (en) * | 2000-08-28 | 2011-03-22 | Contentguard Holdings, Inc. | Method and apparatus for providing a specific user interface in a system for managing content |
US6931545B1 (en) * | 2000-08-28 | 2005-08-16 | Contentguard Holdings, Inc. | Systems and methods for integrity certification and verification of content consumption environments |
US7073199B1 (en) | 2000-08-28 | 2006-07-04 | Contentguard Holdings, Inc. | Document distribution management method and apparatus using a standard rendering engine and a method and apparatus for controlling a standard rendering engine |
US7743259B2 (en) * | 2000-08-28 | 2010-06-22 | Contentguard Holdings, Inc. | System and method for digital rights management using a standard rendering engine |
FR2814085B1 (en) | 2000-09-15 | 2005-02-11 | Touchtunes Music Corp | ENTERTAINMENT METHOD BASED ON MULTIPLE CHOICE COMPETITION GAMES |
US7107326B1 (en) | 2000-10-13 | 2006-09-12 | 3Com Corporation | Method and system for integrating IP address reservations with policy provisioning |
US7343324B2 (en) | 2000-11-03 | 2008-03-11 | Contentguard Holdings Inc. | Method, system, and computer readable medium for automatically publishing content |
US6889209B1 (en) * | 2000-11-03 | 2005-05-03 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
US7068597B1 (en) | 2000-11-27 | 2006-06-27 | 3Com Corporation | System and method for automatic load balancing in a data-over-cable network |
GB2385177B (en) * | 2000-11-28 | 2005-06-22 | Sanyo Electric Co | Data terminal device for administering licence used for decrypting and utilizing encrypted content data |
US6940874B2 (en) * | 2000-11-30 | 2005-09-06 | 3Com Corporation | Method for reducing interference from initializing network devices in a data-over-cable system |
US6948184B1 (en) | 2000-11-30 | 2005-09-20 | 3Com Corporation | System and method for calibrating power level during initial ranging of a network client device |
US7778981B2 (en) * | 2000-12-01 | 2010-08-17 | Netapp, Inc. | Policy engine to control the servicing of requests received by a storage server |
CA2328644C (en) * | 2000-12-15 | 2005-05-10 | Ibm Canada Limited-Ibm Canada Limitee | Methods, systems, signals and media for encouraging users of computer readable content to register |
US7266704B2 (en) * | 2000-12-18 | 2007-09-04 | Digimarc Corporation | User-friendly rights management systems and methods |
US8055899B2 (en) | 2000-12-18 | 2011-11-08 | Digimarc Corporation | Systems and methods using digital watermarking and identifier extraction to provide promotional opportunities |
US6912294B2 (en) * | 2000-12-29 | 2005-06-28 | Contentguard Holdings, Inc. | Multi-stage watermarking process and system |
US20020128976A1 (en) * | 2001-01-11 | 2002-09-12 | Segue Software, Inc. | Method and system for tracking software licenses and usage |
US20030220880A1 (en) * | 2002-01-17 | 2003-11-27 | Contentguard Holdings, Inc. | Networked services licensing system and method |
MXPA03006362A (en) * | 2001-01-17 | 2004-04-20 | Contentguard Holdings Inc | Method and apparatus for managing digital content usage rights. |
US7206765B2 (en) * | 2001-01-17 | 2007-04-17 | Contentguard Holdings, Inc. | System and method for supplying and managing usage rights based on rules |
US7177843B2 (en) * | 2001-01-17 | 2007-02-13 | Contentguard Holdings, Inc. | Rights expression system |
US7774279B2 (en) | 2001-05-31 | 2010-08-10 | Contentguard Holdings, Inc. | Rights offering and granting |
US7028009B2 (en) * | 2001-01-17 | 2006-04-11 | Contentguardiholdings, Inc. | Method and apparatus for distributing enforceable property rights |
US8069116B2 (en) | 2001-01-17 | 2011-11-29 | Contentguard Holdings, Inc. | System and method for supplying and managing usage rights associated with an item repository |
US6754642B2 (en) | 2001-05-31 | 2004-06-22 | Contentguard Holdings, Inc. | Method and apparatus for dynamically assigning usage rights to digital works |
US20040039704A1 (en) * | 2001-01-17 | 2004-02-26 | Contentguard Holdings, Inc. | System and method for supplying and managing usage rights of users and suppliers of items |
US6961773B2 (en) * | 2001-01-19 | 2005-11-01 | Esoft, Inc. | System and method for managing application service providers |
US20070219918A1 (en) * | 2001-01-19 | 2007-09-20 | Jonathan Schull | System and method for controlling access to protected information |
US6952428B1 (en) | 2001-01-26 | 2005-10-04 | 3Com Corporation | System and method for a specialized dynamic host configuration protocol proxy in a data-over-cable network |
AUPR321701A0 (en) * | 2001-02-20 | 2001-03-15 | Millard, Stephen R. | Method of licensing content on updatable digital media |
US7073055B1 (en) | 2001-02-22 | 2006-07-04 | 3Com Corporation | System and method for providing distributed and dynamic network services for remote access server users |
US7191438B2 (en) * | 2001-02-23 | 2007-03-13 | Lenovo (Singapore) Pte, Ltd. | Computer functional architecture and a locked down environment in a client-server architecture |
US7222255B1 (en) | 2001-02-28 | 2007-05-22 | 3Com Corporation | System and method for network performance testing |
US6892205B1 (en) * | 2001-02-28 | 2005-05-10 | Oracle International Corporation | System and method for pre-compiling a source cursor into a target library cache |
JP2002287990A (en) * | 2001-03-26 | 2002-10-04 | Canon Inc | Application managing device, application managing method, recording medium, and program |
US6978291B2 (en) * | 2001-04-30 | 2005-12-20 | Isogon Corporation | Method for correlating job-step or execution-process information with corresponding software licensing information |
US20030043852A1 (en) * | 2001-05-18 | 2003-03-06 | Bijan Tadayon | Method and apparatus for verifying data integrity based on data compression parameters |
US6876984B2 (en) | 2001-05-31 | 2005-04-05 | Contentguard Holdings, Inc. | Method and apparatus for establishing usage rights for digital content to be created in the future |
US6895503B2 (en) | 2001-05-31 | 2005-05-17 | Contentguard Holdings, Inc. | Method and apparatus for hierarchical assignment of rights to documents and documents having such rights |
US8275709B2 (en) | 2001-05-31 | 2012-09-25 | Contentguard Holdings, Inc. | Digital rights management of content when content is a future live event |
US7222104B2 (en) * | 2001-05-31 | 2007-05-22 | Contentguard Holdings, Inc. | Method and apparatus for transferring usage rights and digital work having transferrable usage rights |
US6973445B2 (en) * | 2001-05-31 | 2005-12-06 | Contentguard Holdings, Inc. | Demarcated digital content and method for creating and processing demarcated digital works |
US7725401B2 (en) | 2001-05-31 | 2010-05-25 | Contentguard Holdings, Inc. | Method and apparatus for establishing usage rights for digital content to be created in the future |
US8099364B2 (en) | 2001-05-31 | 2012-01-17 | Contentguard Holdings, Inc. | Digital rights management of content when content is a future live event |
US6976009B2 (en) | 2001-05-31 | 2005-12-13 | Contentguard Holdings, Inc. | Method and apparatus for assigning consequential rights to documents and documents having such rights |
US8001053B2 (en) | 2001-05-31 | 2011-08-16 | Contentguard Holdings, Inc. | System and method for rights offering and granting using shared state variables |
US8275716B2 (en) | 2001-05-31 | 2012-09-25 | Contentguard Holdings, Inc. | Method and system for subscription digital rights management |
US7152046B2 (en) * | 2001-05-31 | 2006-12-19 | Contentguard Holdings, Inc. | Method and apparatus for tracking status of resource in a system for managing use of the resources |
BR0210930A (en) | 2001-06-07 | 2005-05-03 | Contentguard Holdings Inc | Method and apparatus for supporting multiple trust zones in a digital rights management system |
EP1393230A4 (en) * | 2001-06-07 | 2004-07-07 | Contentguard Holdings Inc | Method and apparatus managing the transfer of rights |
CN1608264A (en) * | 2001-06-07 | 2005-04-20 | 康坦夹德控股股份有限公司 | Rights offering and granting |
US7774280B2 (en) * | 2001-06-07 | 2010-08-10 | Contentguard Holdings, Inc. | System and method for managing transfer of rights using shared state variables |
EP1323018A4 (en) * | 2001-06-07 | 2004-07-07 | Contentguard Holdings Inc | Protected content distribution system |
US6983479B1 (en) * | 2001-06-08 | 2006-01-03 | Tarantella, Inc. | Dynamic content activation by locating, coordinating and presenting content publishing resources such that content publisher can create or change content |
US7343297B2 (en) | 2001-06-15 | 2008-03-11 | Microsoft Corporation | System and related methods for managing and enforcing software licenses |
US7143409B2 (en) | 2001-06-29 | 2006-11-28 | International Business Machines Corporation | Automated entitlement verification for delivery of licensed software |
US7146340B1 (en) | 2001-07-25 | 2006-12-05 | Novell, Inc. | Method and systems for licensing electronic data |
JP3734461B2 (en) * | 2001-08-08 | 2006-01-11 | 松下電器産業株式会社 | License information converter |
US7088678B1 (en) | 2001-08-27 | 2006-08-08 | 3Com Corporation | System and method for traffic shaping based on generalized congestion and flow control |
JP2003099142A (en) * | 2001-09-26 | 2003-04-04 | Mitsubishi Electric Corp | System for managing license of software |
US7680742B1 (en) | 2001-10-09 | 2010-03-16 | Novell, Inc. | System and method for controlling access to licensed computing processes via a codified electronic license |
US20030069967A1 (en) | 2001-10-10 | 2003-04-10 | International Business Machines Corporation | Shared authorization data authentication method for transaction delegation in service-based computing environments |
US7383073B1 (en) | 2001-10-16 | 2008-06-03 | Z-Kat Inc. | Digital minimally invasive surgery system |
US7487363B2 (en) * | 2001-10-18 | 2009-02-03 | Nokia Corporation | System and method for controlled copying and moving of content between devices and domains based on conditional encryption of content key depending on usage |
US7085306B1 (en) | 2001-10-30 | 2006-08-01 | 3Com Corporation | System and method for a multi-frequency upstream channel in a computer network |
US7558759B2 (en) * | 2001-11-20 | 2009-07-07 | Contentguard Holdings, Inc. | Systems and methods for creating, manipulating and processing rights and contract expressions using tokenized templates |
US7974923B2 (en) * | 2001-11-20 | 2011-07-05 | Contentguard Holdings, Inc. | Extensible rights expression processing system |
US7840488B2 (en) * | 2001-11-20 | 2010-11-23 | Contentguard Holdings, Inc. | System and method for granting access to an item or permission to use an item based on configurable conditions |
ATE509326T1 (en) | 2001-12-18 | 2011-05-15 | L 1 Secure Credentialing Inc | MULTIPLE IMAGE SECURITY FEATURES FOR IDENTIFYING DOCUMENTS AND METHOD FOR PRODUCING THEM |
US7728048B2 (en) | 2002-12-20 | 2010-06-01 | L-1 Secure Credentialing, Inc. | Increasing thermal conductivity of host polymer used with laser engraving methods and compositions |
US7694887B2 (en) | 2001-12-24 | 2010-04-13 | L-1 Secure Credentialing, Inc. | Optically variable personalized indicia for identification documents |
AU2002364746A1 (en) | 2001-12-24 | 2003-07-15 | Digimarc Id Systems, Llc | Systems, compositions, and methods for full color laser engraving of id documents |
WO2003056500A1 (en) | 2001-12-24 | 2003-07-10 | Digimarc Id Systems, Llc | Covert variable information on id documents and methods of making same |
US7072337B1 (en) | 2002-01-25 | 2006-07-04 | 3Com Corporation | System and method for resolving network addresses for network devices on distributed network subnets |
US20030229593A1 (en) * | 2002-03-14 | 2003-12-11 | Michael Raley | Rights expression profile system and method |
KR20040101312A (en) * | 2002-03-14 | 2004-12-02 | 콘텐트가드 홀딩즈 인코포레이티드 | System and method for exprssing usage rights using modulated signals |
US7805371B2 (en) * | 2002-03-14 | 2010-09-28 | Contentguard Holdings, Inc. | Rights expression profile system and method |
AU2003232016A1 (en) | 2002-04-29 | 2003-11-17 | Contentguard Holdings, Inc. | Rights management system using legality expression language |
WO2003093961A2 (en) * | 2002-05-02 | 2003-11-13 | Shieldip, Inc. | Method and apparatus for protecting information and privacy |
US20030212905A1 (en) * | 2002-05-08 | 2003-11-13 | Sun Microsystems, Inc. | Method, computer product and network to regulate software licensure authentication in a computer network environment |
US7824029B2 (en) | 2002-05-10 | 2010-11-02 | L-1 Secure Credentialing, Inc. | Identification card printer-assembler for over the counter card issuing |
CN1516847A (en) * | 2002-05-15 | 2004-07-28 | ���µ�����ҵ��ʽ���� | Content usage management system, and server apparatus and terminal apparatus in the system |
US7184985B2 (en) * | 2002-05-30 | 2007-02-27 | Microsoft Corporation | Method, system, and apparatus for providing secure access to a digital work |
US8909777B2 (en) | 2002-06-26 | 2014-12-09 | Intel Corporation | Systems and methods for dynamic access to program features |
US20040015440A1 (en) * | 2002-07-19 | 2004-01-22 | Lai Yu Cheng | Network resource management system |
US11029823B2 (en) | 2002-09-16 | 2021-06-08 | Touchtunes Music Corporation | Jukebox with customizable avatar |
US8332895B2 (en) | 2002-09-16 | 2012-12-11 | Touchtunes Music Corporation | Digital downloading jukebox system with user-tailored music management, communications, and other tools |
US9646339B2 (en) | 2002-09-16 | 2017-05-09 | Touchtunes Music Corporation | Digital downloading jukebox system with central and local music servers |
US8584175B2 (en) | 2002-09-16 | 2013-11-12 | Touchtunes Music Corporation | Digital downloading jukebox system with user-tailored music management, communications, and other tools |
US8151304B2 (en) | 2002-09-16 | 2012-04-03 | Touchtunes Music Corporation | Digital downloading jukebox system with user-tailored music management, communications, and other tools |
US7822687B2 (en) | 2002-09-16 | 2010-10-26 | Francois Brillon | Jukebox with customizable avatar |
US10373420B2 (en) | 2002-09-16 | 2019-08-06 | Touchtunes Music Corporation | Digital downloading jukebox with enhanced communication features |
US8103589B2 (en) | 2002-09-16 | 2012-01-24 | Touchtunes Music Corporation | Digital downloading jukebox system with central and local music servers |
EP1420495B1 (en) * | 2002-11-15 | 2010-01-06 | Abb Research Ltd. | Installation of one protection function in an protection apparatus of a power distribution network |
AU2003298731A1 (en) | 2002-11-26 | 2004-06-18 | Digimarc Id Systems | Systems and methods for managing and detecting fraud in image databases used with identification documents |
US7712673B2 (en) | 2002-12-18 | 2010-05-11 | L-L Secure Credentialing, Inc. | Identification document with three dimensional image of bearer |
US7340525B1 (en) * | 2003-01-24 | 2008-03-04 | Oracle International Corporation | Method and apparatus for single sign-on in a wireless environment |
US8181265B2 (en) * | 2003-01-31 | 2012-05-15 | Microsoft Corporation | Secure machine counting |
US7356709B2 (en) * | 2003-01-31 | 2008-04-08 | Microsoft Corporation | Systems and methods for deterring software piracy in a volume license environment |
US7644442B2 (en) * | 2003-01-31 | 2010-01-05 | Microsoft Corporation | Systems and methods for using machine attributes to deter software piracy in an enterprise environment |
US20040235563A1 (en) * | 2003-02-26 | 2004-11-25 | Blackburn Christopher W. | Game update service in a service-oriented gaming network environment |
US20040242328A1 (en) * | 2003-03-05 | 2004-12-02 | Blackburn Christopher W. | Boot service in a service-oriented gaming network environment |
US8308567B2 (en) * | 2003-03-05 | 2012-11-13 | Wms Gaming Inc. | Discovery service in a service-oriented gaming network environment |
US20040243849A1 (en) * | 2003-03-06 | 2004-12-02 | Blackburn Christopher W. | Authorization service in a service-oriented gaming network environment |
US20040243848A1 (en) * | 2003-03-06 | 2004-12-02 | Blackburn Christopher W. | Authentication service in a service-oriented gaming network environment |
US20040242331A1 (en) * | 2003-03-17 | 2004-12-02 | Blackburn Christopher W. | Time service in a service-oriented gaming network environment |
US7089425B2 (en) | 2003-03-18 | 2006-08-08 | Ci4 Technologies, Inc. | Remote access authorization of local content |
US20040266532A1 (en) * | 2003-03-27 | 2004-12-30 | Blackburn Christopher W. | Event management service in a service-oriented gaming network environment |
US20040266523A1 (en) * | 2003-04-16 | 2004-12-30 | Gentles Thomas A | Secured networks in a gaming system environment |
US20040266533A1 (en) * | 2003-04-16 | 2004-12-30 | Gentles Thomas A | Gaming software distribution network in a gaming system environment |
EP1614064B1 (en) | 2003-04-16 | 2010-12-08 | L-1 Secure Credentialing, Inc. | Three dimensional data storage |
CA2464797A1 (en) * | 2003-04-16 | 2004-10-16 | Wms Gaming Inc. | Remote authentication of gaming software in a gaming system environment |
US20040259640A1 (en) * | 2003-04-16 | 2004-12-23 | Gentles Thomas A. | Layered security methods and apparatus in a gaming system environment |
KR100985784B1 (en) * | 2003-05-02 | 2010-10-06 | 엘지전자 주식회사 | Method for authenticating an interactive optical disc |
US20050227768A1 (en) * | 2003-05-27 | 2005-10-13 | Blackburn Christopher W | Gaming network environment having a language translation service |
US7685642B2 (en) * | 2003-06-26 | 2010-03-23 | Contentguard Holdings, Inc. | System and method for controlling rights expressions by stakeholders of an item |
US20050050320A1 (en) * | 2003-09-02 | 2005-03-03 | Microsoft Corporation | Branding framework |
US8898657B2 (en) * | 2003-10-03 | 2014-11-25 | Cyberlink Corp. | System and method for licensing software |
US7788496B2 (en) * | 2003-10-08 | 2010-08-31 | Microsoft Corporation | First computer process and second computer process proxy-executing code on behalf thereof |
US8103592B2 (en) | 2003-10-08 | 2012-01-24 | Microsoft Corporation | First computer process and second computer process proxy-executing code on behalf of first process |
US7979911B2 (en) | 2003-10-08 | 2011-07-12 | Microsoft Corporation | First computer process and second computer process proxy-executing code from third computer process on behalf of first process |
US20050120210A1 (en) * | 2003-11-03 | 2005-06-02 | Hassan Behbehani | Method to minimize software piracy and enhance security in processes related with many industries |
US20050097593A1 (en) * | 2003-11-05 | 2005-05-05 | Michael Raley | System, method and device for selected content distribution |
JP4732746B2 (en) * | 2004-01-08 | 2011-07-27 | パナソニック株式会社 | Content distribution system, license distribution method, and terminal device |
CA2551974A1 (en) * | 2004-02-03 | 2005-08-18 | International Business Machines Corporation | Digital rights management |
US7744002B2 (en) | 2004-03-11 | 2010-06-29 | L-1 Secure Credentialing, Inc. | Tamper evident adhesive and identification document including same |
US20070124252A1 (en) * | 2004-03-31 | 2007-05-31 | Akio Higashi | Reception device, transmission device, security module, and digital right management system |
US20060020556A1 (en) * | 2004-07-01 | 2006-01-26 | Hamnen Jan H | System and method for distributing electronic content utilizing electronic license keys |
US7963847B2 (en) | 2004-08-19 | 2011-06-21 | Igt | Gaming system having multiple gaming machines which provide bonus awards |
US8021230B2 (en) | 2004-08-19 | 2011-09-20 | Igt | Gaming system having multiple gaming machines which provide bonus awards |
US8251791B2 (en) | 2004-08-19 | 2012-08-28 | Igt | Gaming system having multiple gaming machines which provide bonus awards |
US20060064387A1 (en) * | 2004-09-22 | 2006-03-23 | Siemens Information And Communication Networks, Inc. | Systems and methods for software licensing |
US7467404B2 (en) * | 2004-09-27 | 2008-12-16 | Bally Garning, Inc. | System and method for distributing software licenses |
JP4843208B2 (en) * | 2004-09-30 | 2011-12-21 | 株式会社東芝 | Digital content editing apparatus, digital content editing method, digital content editing program, and recording medium recording digital content editing program |
US20060107326A1 (en) * | 2004-11-12 | 2006-05-18 | Demartini Thomas | Method, system, and device for verifying authorized issuance of a rights expression |
US20060106726A1 (en) * | 2004-11-18 | 2006-05-18 | Contentguard Holdings, Inc. | Method, system, and device for license-centric content consumption |
US8126814B2 (en) * | 2004-11-18 | 2012-02-28 | Cisco Technology, Inc. | Method and system for installing software and hardware feature licenses on devices |
US8660961B2 (en) * | 2004-11-18 | 2014-02-25 | Contentguard Holdings, Inc. | Method, system, and device for license-centric content consumption |
US7725721B2 (en) | 2004-11-18 | 2010-05-25 | Cisco Technology, Inc. | Method and system for transferring software and hardware feature licenses between devices |
US20060112015A1 (en) * | 2004-11-24 | 2006-05-25 | Contentguard Holdings, Inc. | Method, system, and device for handling creation of derivative works and for adapting rights to derivative works |
US20060242082A1 (en) * | 2004-11-29 | 2006-10-26 | Yanki Margalit | Method and system for protecting of software application from piracy |
US8225301B2 (en) * | 2005-03-16 | 2012-07-17 | Hewlett-Packard Development Company, L.P. | Software licensing management |
US20060248573A1 (en) * | 2005-04-28 | 2006-11-02 | Content Guard Holdings, Inc. | System and method for developing and using trusted policy based on a social model |
JP2006338183A (en) * | 2005-05-31 | 2006-12-14 | Mitsubishi Electric Engineering Co Ltd | Software license management system |
US20060294019A1 (en) * | 2005-06-22 | 2006-12-28 | Lenovo (Singapore) Pte. Ltd. | On demand business model to reuse software license |
US20060294022A1 (en) * | 2005-06-22 | 2006-12-28 | Dayan Richard A | Apparatus, system, and method for enabling a service |
US7835993B2 (en) * | 2005-07-14 | 2010-11-16 | Panasonic Corporation | License management device and method |
US7438078B2 (en) * | 2005-08-05 | 2008-10-21 | Peter Woodruff | Sleeping bag and system |
WO2007024782A2 (en) * | 2005-08-24 | 2007-03-01 | Pioneer Hi-Bred International, Inc. | Compositions providing tolerance to multiple herbicides and methods of use thereof |
US8137188B2 (en) | 2005-09-09 | 2012-03-20 | Igt | Server based gaming system having multiple progressive awards |
US7841939B2 (en) | 2005-09-09 | 2010-11-30 | Igt | Server based gaming system having multiple progressive awards |
US8128491B2 (en) | 2005-09-09 | 2012-03-06 | Igt | Server based gaming system having multiple progressive awards |
US7568973B2 (en) | 2005-09-09 | 2009-08-04 | Igt | Server based gaming system having multiple progressive awards |
KR101322515B1 (en) * | 2005-09-29 | 2013-10-25 | 콘텐트가드 홀딩즈 인코포레이티드 | System and method for digital rights management using advanced copy with issue rights, and managed copy tokens |
US7720767B2 (en) * | 2005-10-24 | 2010-05-18 | Contentguard Holdings, Inc. | Method and system to support dynamic rights and resources sharing |
US8417640B2 (en) * | 2005-10-31 | 2013-04-09 | Research In Motion Limited | Secure license key method and system |
US7584943B2 (en) * | 2005-12-29 | 2009-09-08 | Frommelt Industries Of Canada, Inc. | Loading dock bumper with replaceable metal faceplate |
JP4564464B2 (en) * | 2006-01-05 | 2010-10-20 | 株式会社東芝 | Digital content playback apparatus, method and program |
EP1830294A1 (en) * | 2006-01-05 | 2007-09-05 | Alcatel Lucent | Licence protection system, billing system therewith, and method for licensing a software |
US7941504B2 (en) * | 2006-02-07 | 2011-05-10 | Efraim Gershom | Global peripheral device sharing system and method |
US8512130B2 (en) | 2006-07-27 | 2013-08-20 | Igt | Gaming system with linked gaming machines that are configurable to have a same probability of winning a designated award |
WO2008021079A2 (en) | 2006-08-08 | 2008-02-21 | Wms Gaming Inc. | Configurable wagering game manager |
US8850209B2 (en) | 2006-09-12 | 2014-09-30 | Microsoft Corporation | Schema signing |
US7674180B2 (en) | 2006-09-27 | 2010-03-09 | Igt | Server based gaming system having system triggered loyalty award sequences |
US7862430B2 (en) | 2006-09-27 | 2011-01-04 | Igt | Server based gaming system having system triggered loyalty award sequences |
US8616959B2 (en) | 2006-09-27 | 2013-12-31 | Igt | Server based gaming system having system triggered loyalty award sequences |
US20080148253A1 (en) * | 2006-12-15 | 2008-06-19 | Microsoft Corporation | Automatic software license reconciliation |
US9171419B2 (en) | 2007-01-17 | 2015-10-27 | Touchtunes Music Corporation | Coin operated entertainment system |
US9330529B2 (en) | 2007-01-17 | 2016-05-03 | Touchtunes Music Corporation | Game terminal configured for interaction with jukebox device systems including same, and/or associated methods |
US9953481B2 (en) | 2007-03-26 | 2018-04-24 | Touchtunes Music Corporation | Jukebox with associated video server |
US20080244754A1 (en) * | 2007-04-02 | 2008-10-02 | Edward Curren | System and Method for Software License Management for Concurrent License Management and Issuance |
US8620818B2 (en) | 2007-06-25 | 2013-12-31 | Microsoft Corporation | Activation system architecture |
US20090199287A1 (en) * | 2007-06-26 | 2009-08-06 | Luc Vantalon | Systems and methods for conditional access and digital rights management |
JP2009027525A (en) * | 2007-07-20 | 2009-02-05 | Nec Corp | Optical transmission system and optical transmission method |
US8407669B2 (en) * | 2007-07-25 | 2013-03-26 | Oracle International Corporation | Device based software authorizations for software asset management |
US7985133B2 (en) | 2007-07-30 | 2011-07-26 | Igt | Gaming system and method for providing an additional gaming currency |
JP2009037455A (en) * | 2007-08-02 | 2009-02-19 | Canon Inc | Information processor, client device, and license management system |
US8900053B2 (en) | 2007-08-10 | 2014-12-02 | Igt | Gaming system and method for providing different bonus awards based on different types of triggered events |
US9147049B2 (en) * | 2007-08-16 | 2015-09-29 | Honeywell International Inc. | Embedded building conroller with stored software license information |
US8046771B2 (en) | 2007-09-12 | 2011-10-25 | International Business Machines Corporation | Generating and using constraints associated with software related products |
US10290006B2 (en) | 2008-08-15 | 2019-05-14 | Touchtunes Music Corporation | Digital signage and gaming services to comply with federal and state alcohol and beverage laws and regulations |
US8332887B2 (en) | 2008-01-10 | 2012-12-11 | Touchtunes Music Corporation | System and/or methods for distributing advertisements from a central advertisement network to a peripheral device via a local advertisement server |
US7783666B1 (en) | 2007-09-26 | 2010-08-24 | Netapp, Inc. | Controlling access to storage resources by using access pattern based quotas |
US9142097B2 (en) * | 2007-10-26 | 2015-09-22 | Igt | Gaming system and method for providing play of local first game and remote second game |
US8607226B2 (en) * | 2008-01-22 | 2013-12-10 | International Business Machines Corporation | Solution for locally staged electronic software distribution using secure removable media |
EP2260430A2 (en) * | 2008-02-22 | 2010-12-15 | Uniloc Usa, Inc. | License auditing for distributed applications |
US8315456B2 (en) * | 2008-04-10 | 2012-11-20 | The Nielsen Company | Methods and apparatus for auditing signage |
WO2009156302A1 (en) * | 2008-06-23 | 2009-12-30 | Nxp B.V. | Electronic device and method of software or firmware updating of an electronic device |
US8849435B2 (en) | 2008-07-09 | 2014-09-30 | Touchtunes Music Corporation | Digital downloading jukebox with revenue-enhancing features |
WO2010034459A1 (en) * | 2008-09-24 | 2010-04-01 | Nec Europe Ltd. | A method and a system for distributing tv content over a network |
US8898085B1 (en) | 2009-01-30 | 2014-11-25 | Hewlett-Packard Development Company, L.P. | License management solution for central-management products |
US10719149B2 (en) | 2009-03-18 | 2020-07-21 | Touchtunes Music Corporation | Digital jukebox device with improved user interfaces, and associated methods |
US9292166B2 (en) | 2009-03-18 | 2016-03-22 | Touchtunes Music Corporation | Digital jukebox device with improved karaoke-related user interfaces, and associated methods |
US10564804B2 (en) | 2009-03-18 | 2020-02-18 | Touchtunes Music Corporation | Digital jukebox device with improved user interfaces, and associated methods |
CA2754990C (en) | 2009-03-18 | 2015-07-14 | Touchtunes Music Corporation | Entertainment server and associated social networking services |
US9424399B2 (en) * | 2009-05-12 | 2016-08-23 | Microsoft Technology Licensing, Llc | Availability of permission models in roaming environments |
US20100293103A1 (en) * | 2009-05-12 | 2010-11-18 | Microsoft Corporation | Interaction model to migrate states and data |
US20100293536A1 (en) * | 2009-05-12 | 2010-11-18 | Microsoft Corporation | Enhanced product functionality based on user identification |
US20100323790A1 (en) * | 2009-06-19 | 2010-12-23 | Etchegoyen Craig S | Devices and Methods for Auditing and Enforcing Computer Game Licenses |
US9633183B2 (en) | 2009-06-19 | 2017-04-25 | Uniloc Luxembourg S.A. | Modular software protection |
US9039516B2 (en) | 2009-07-30 | 2015-05-26 | Igt | Concurrent play on multiple gaming machines |
US9582776B2 (en) * | 2009-10-09 | 2017-02-28 | Oracle International Corporation | Methods and systems for providing a comprehensive view of it assets as self service inquiry/update transactions |
US20110087604A1 (en) * | 2009-10-09 | 2011-04-14 | Oracle International Corporation | Micro-blogging for enterprise resources planning (erp) |
EP2504953A4 (en) * | 2009-11-23 | 2017-07-05 | Telefonaktiebolaget LM Ericsson (publ) | License redistributing method, moderator and license controlling system thereof |
EP2597608A1 (en) | 2010-01-26 | 2013-05-29 | Touchtunes Music Corporation | Digital jukebox device with improved user interfaces, and associated methods |
CN102236565A (en) * | 2010-04-30 | 2011-11-09 | 国际商业机器公司 | Method and system for cooperatively installing computer application |
US8650558B2 (en) | 2010-05-27 | 2014-02-11 | Rightware, Inc. | Online marketplace for pre-installed software and online services |
US9721240B2 (en) | 2010-05-27 | 2017-08-01 | International Business Machines Corporation | Software license serving in a massively parallel processing environment |
US9342825B2 (en) | 2010-06-10 | 2016-05-17 | International Business Machines Corporation | Software license and installation process management within an organization |
EP3734449B1 (en) | 2010-06-18 | 2023-07-12 | Sweetlabs, Inc. | Systems and methods for integration of an application runtime environment into a user computing environment |
US9043863B1 (en) | 2010-09-07 | 2015-05-26 | Symantec Corporation | Policy enforcing browser |
US8955152B1 (en) | 2010-09-07 | 2015-02-10 | Symantec Corporation | Systems and methods to manage an application |
US8832855B1 (en) | 2010-09-07 | 2014-09-09 | Symantec Corporation | System for the distribution and deployment of applications with provisions for security and policy conformance |
US8719586B1 (en) | 2011-03-09 | 2014-05-06 | Amazon Technologies, Inc. | Digital rights management for applications |
GB2522772B (en) | 2011-09-18 | 2016-01-13 | Touchtunes Music Corp | Digital jukebox device with karaoke and/or photo booth features, and associated methods |
US11151224B2 (en) | 2012-01-09 | 2021-10-19 | Touchtunes Music Corporation | Systems and/or methods for monitoring audio inputs to jukebox devices |
US9165332B2 (en) | 2012-01-27 | 2015-10-20 | Microsoft Technology Licensing, Llc | Application licensing using multiple forms of licensing |
US8751567B2 (en) | 2012-02-09 | 2014-06-10 | Oracle International Corporation | Quantify and measure micro-blogging for enterprise resources planning (ERP) |
US8775925B2 (en) | 2012-08-28 | 2014-07-08 | Sweetlabs, Inc. | Systems and methods for hosted applications |
US9372679B2 (en) * | 2013-08-02 | 2016-06-21 | Sap Se | Method and system for software delivery service |
US9921717B2 (en) | 2013-11-07 | 2018-03-20 | Touchtunes Music Corporation | Techniques for generating electronic menu graphical user interface layouts for use in connection with electronic devices |
TWI722981B (en) | 2014-03-25 | 2021-04-01 | 美商觸控調諧音樂公司 | Digital jukebox device with improved user interfaces, and associated methods |
CN104125335B (en) * | 2014-06-24 | 2017-08-25 | 小米科技有限责任公司 | Right management method, apparatus and system |
US9787685B2 (en) | 2014-06-24 | 2017-10-10 | Xiaomi Inc. | Methods, devices and systems for managing authority |
US9875618B2 (en) | 2014-07-24 | 2018-01-23 | Igt | Gaming system and method employing multi-directional interaction between multiple concurrently played games |
US9972171B2 (en) | 2015-09-24 | 2018-05-15 | Igt | Gaming system and method for providing a triggering event based on a collection of units from different games |
US10694352B2 (en) | 2015-10-28 | 2020-06-23 | Activision Publishing, Inc. | System and method of using physical objects to control software access |
JP6720519B2 (en) * | 2015-12-18 | 2020-07-08 | 株式会社リコー | Information processing device, program, and information processing system |
US10019558B2 (en) * | 2016-05-18 | 2018-07-10 | Adobe Systems Incorporated | Controlling licensable features of software using access tokens |
US10861079B2 (en) | 2017-02-23 | 2020-12-08 | Activision Publishing, Inc. | Flexible online pre-ordering system for media |
US11244031B2 (en) | 2017-03-09 | 2022-02-08 | Microsoft Technology Licensing, Llc | License data structure including license aggregation |
JP2018205816A (en) * | 2017-05-30 | 2018-12-27 | 富士通株式会社 | Information processing system, information processing device, and management program |
CN108985855B (en) * | 2018-08-01 | 2023-03-28 | 中国建设银行股份有限公司 | Method and system for determining contract information |
US20210111902A1 (en) * | 2019-10-11 | 2021-04-15 | Qualcomm Incorporated | System information protection at a network function in the core network |
US11694213B1 (en) * | 2019-12-04 | 2023-07-04 | State Farm Mutual Automobile Insurance Company | Electronic management of license data |
CN113742660B (en) * | 2021-08-11 | 2023-07-25 | 阿里巴巴新加坡控股有限公司 | Application program license management system and method |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4238853A (en) * | 1977-12-05 | 1980-12-09 | International Business Machines Corporation | Cryptographic communication security for single domain networks |
US4203166A (en) * | 1977-12-05 | 1980-05-13 | International Business Machines Corporation | Cryptographic file security for multiple domain networks |
US4259720A (en) * | 1978-01-09 | 1981-03-31 | Interbank Card Association | Security system for electronic funds transfer system |
US4458315A (en) * | 1982-02-25 | 1984-07-03 | Penta, Inc. | Apparatus and method for preventing unauthorized use of computer programs |
US4652990A (en) * | 1983-10-27 | 1987-03-24 | Remote Systems, Inc. | Protected software access control apparatus and method |
US4584639A (en) * | 1983-12-23 | 1986-04-22 | Key Logic, Inc. | Computer security system |
LU85372A1 (en) * | 1984-05-22 | 1986-01-29 | Alexandre Graevenitz | Forming fibre-reinforced concrete components - has fibres wound under tension onto mandrel with simultaneous cement spray |
US4780821A (en) * | 1986-07-29 | 1988-10-25 | International Business Machines Corp. | Method for multiple programs management within a network having a server computer and a plurality of remote computers |
US5010571A (en) * | 1986-09-10 | 1991-04-23 | Titan Linkabit Corporation | Metering retrieval of encrypted data stored in customer data retrieval terminal |
US4937863A (en) * | 1988-03-07 | 1990-06-26 | Digital Equipment Corporation | Software licensing management system |
US4891503A (en) * | 1988-03-29 | 1990-01-02 | Gascard, Inc. | Distributed authorization system |
US4924378A (en) * | 1988-06-13 | 1990-05-08 | Prime Computer, Inc. | License mangagement system and license storage key |
US5023907A (en) * | 1988-09-30 | 1991-06-11 | Apollo Computer, Inc. | Network license server |
US4919545A (en) * | 1988-12-22 | 1990-04-24 | Gte Laboratories Incorporated | Distributed security procedure for intelligent networks |
-
1989
- 1989-10-02 US US07/415,984 patent/US5138712A/en not_active Expired - Lifetime
-
1990
- 1990-04-30 GB GB9009655A patent/GB2236604B/en not_active Expired - Fee Related
- 1990-09-14 CA CA002025434A patent/CA2025434C/en not_active Expired - Fee Related
- 1990-10-02 JP JP2263242A patent/JP2928949B2/en not_active Expired - Fee Related
-
1994
- 1994-05-19 HK HK48594A patent/HK48594A/en not_active IP Right Cessation
Also Published As
Publication number | Publication date |
---|---|
CA2025434A1 (en) | 1991-04-03 |
GB9009655D0 (en) | 1990-06-20 |
US5138712A (en) | 1992-08-11 |
HK48594A (en) | 1994-05-27 |
JP2928949B2 (en) | 1999-08-03 |
GB2236604A (en) | 1991-04-10 |
JPH04100148A (en) | 1992-04-02 |
GB2236604B (en) | 1993-10-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2025434C (en) | Method for protecting against the unauthorized use of software in a computer network environment | |
US11704389B2 (en) | Controlling access to digital assets | |
US4941175A (en) | Tamper-resistant method for authorizing access to data between a host and a predetermined number of attached workstations | |
US7240345B2 (en) | Data processing apparatus and associated method | |
US5671412A (en) | License management system for software applications | |
CN100424678C (en) | System and method for authenticating software using hidden intermediate keys | |
White | ABYSS: ATrusted Architecture for Software Protection | |
US5925127A (en) | Method and system for monitoring the use of rented software | |
US7073197B2 (en) | Methods and apparatus for protecting information | |
CA2533076C (en) | Flexible licensing architecture for licensing digital application | |
US6330608B1 (en) | Method and system of a computer system for establishing communications between a service provider and a central service factory and registry in a computer system | |
US10678893B2 (en) | Methods and related apparatus for managing access to digital assets | |
US20050289072A1 (en) | System for automatic, secure and large scale software license management over any computer network | |
US9356781B2 (en) | Methods and apparatus for authenticating data as originating from a storage and processing device and for securing software and data stored on the storage and processing device | |
US20060106729A1 (en) | Method and apparatus for restricting use of a computer program | |
JP2000057045A (en) | Permission for controlling access to service in protected memory system | |
EP1471405A1 (en) | Method and device for protecting information against unauthorised use | |
KR20030038995A (en) | System and method for preventing illegal copying software | |
KR100423506B1 (en) | method of preventing an illegal software copy on-line using an IC chip installed card | |
JP3289656B2 (en) | Program execution control method | |
JP2002244756A (en) | Data processing method, semiconductor circuit, and certification device | |
KR20020051612A (en) | Prevention Of Illegal Software Usage Using Install Key Management Server | |
EP1376297A1 (en) | Method to enhance authentication, integrity and auditability security in software configuration management systems | |
Collins | Polycenter license system: Enabling electronic license distribution and management |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKLA | Lapsed |