US20080244754A1 - System and Method for Software License Management for Concurrent License Management and Issuance - Google Patents

System and Method for Software License Management for Concurrent License Management and Issuance Download PDF

Info

Publication number
US20080244754A1
US20080244754A1 US11/695,338 US69533807A US2008244754A1 US 20080244754 A1 US20080244754 A1 US 20080244754A1 US 69533807 A US69533807 A US 69533807A US 2008244754 A1 US2008244754 A1 US 2008244754A1
Authority
US
United States
Prior art keywords
license
server
computer
client
software
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US11/695,338
Inventor
Edward Curren
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US11/695,338 priority Critical patent/US20080244754A1/en
Publication of US20080244754A1 publication Critical patent/US20080244754A1/en
Priority to US12/402,569 priority patent/US8069119B2/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/105Arrangements for software license management or administration, e.g. for managing licenses at corporate level
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2147Locking files
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks

Definitions

  • the present invention relates generally to a system and method for software license management. More specifically the present invention relates to a system and method for software license management for concurrent license management and license issuance.
  • the present invention is method and system for software license management. Many other software license management systems are taught or known in the prior art, but each has their own respective shortcomings on which the present invention improves or eliminates in addition to the additional elements taught by the present invention.
  • U.S. Pat. No. 7,013,294 discloses a license management system for software which drives a single computer or a plurality of computers including: an application program for requesting a decision of the number of license which it needs to drive itself and for receiving issuance of the license; a number of license decision unit for determining the necessary number of licenses in accordance with the request from the application program; and a license management unit for issuing the number of licenses which was determined by the number of license decision unit. According to this invention, it is possible to provide a license management system enabling issuance of a license in which the sales strategy of a software maker was considered.
  • U.S. Pat. No. 6,574,612 a method and system for providing flexibility to a license management system is disclosed.
  • This license management system permits the concurrent use of multiple copies of a software program over a network comprising a plurality of client workstations, each client workstation having a copy of the software program installed thereon requiring an authorization from one of a plurality of license servers each time the software program is used.
  • the license management system requires that at least the integer majority of the plurality of license servers is active at any time. This method and system allows a change to the number of license servers, but imposes several limitations.
  • U.S. Pat. No. 5,138,712 teaches a software application wherein the verification and license check out functions which are normally performed by a license server of a network software license system.
  • the encrypted license information is contained in a license token, and is sorted in the database controlled by the license server.
  • the license server In contrast to the prior art where the license server either grants or denies the request after verifying the user's credentials, the license server here finds the correct license token for the software application and transmits the license token to the licensing library.
  • U.S. Pat. No. 5,553,143 allows for the electronic management and enforcement of software licenses used only in a network or non-network environment to facilitate product licensing and upgrades. Further, it only accommodates the use of compact disc read-only memory (CD ROM) product distribution.
  • CD ROM compact disc read-only memory
  • U.S. Pat. No. 5,671,412 teaches an improved software license management system wherein a license server initializes a license database by receiving a package license description that includes component license descriptions for component software products in a package.
  • a client computer system can request a license for a component product in a package.
  • a license is granted to the client when the client is allowed to receive the license according to a license policy.
  • U.S. Pat. No. 6,189,145 teaches a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity. When a company wants a software license, it sends a purchase request (and appropriate fee) to the licensing clearinghouse.
  • the license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses.
  • U.S. Pat. No. 6,260,141 teaches a software license control system based on independent software registration servers.
  • the registration servers are open to all software manufacturers.
  • a software product asks the user software license control program whether the user has a usage license for the software product.
  • the user license control program checks the license file, received from a software registration server, and answers the software product.
  • U.S. Patent Application Publication 20020091645 discloses a licensing system comprising an application information database into which a license management server machine stores a license menu containing a function, a term and a number of times and the like for which usage may be approved with respect to software to be usage-approved.
  • a user terminal is capable of accessing the application information database via an Internet network. Therefore, according to this system o, a software license granting technique is provided in which a range of software licensing choices is expanded so that various user needs can be met even with the same single software, and unlawful copying of the software that is approved for use by the user can be eliminated.
  • U.S. Patent Application Publication 20050102240 discloses a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity.
  • a company wants a software license, it sends a purchase request and appropriate fee to the licensing clearinghouse.
  • the license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses.
  • the license generator digitally signs the license pack and encrypts it with the license server's public key.
  • the license server is responsible for distributing the software licenses from the license pack to individual clients.
  • the license server determines the client's operating system platform and grants the appropriate license.
  • the license server digitally signs the software license and encrypts it using the client's public key.
  • the license is stored locally at the client.
  • the system of the present invention is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it. Because this software is a target of “hackers” it must have defenses beyond the ordinary for protecting itself against those who seek to destroy its ability to perform its job of guarding software usage rights as defined by the software company that employs the system of the present invention to safeguard their software. To this end the system of the present invention will always employ the strongest security schema available to it based on the circumstances of the environment in which it is running. To ensure the highest degree of protection the system is designed with multiple layers of security that act independently of the others. While no system is completely secure, the intent of this design is to make the cost of breaking into the system so high as to be impractical.
  • LMS License Management System
  • LC License Client
  • LS License Server
  • NLM Network License Manager
  • LMS License Management System
  • LC License Client
  • LS License Server
  • LMS License Management System
  • NLM Network License Manager
  • the present invention is method and system for software license management that is recorded on computer-readable medium and capable of execution by a computer.
  • the License Management System is comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM). For the system to function the LC and LS are required.
  • the NLM exists to facilitate and manage concurrent license usage.
  • the main patentable elements focus on the concurrent license management and method of license issuance.
  • the License Server and Network License Manager both provide an API to allow end users to write scripts to implement business rules in the decision making process at critical events in the registration, issuance, or usage of a license or customer.
  • the License Server and Network License Manager both provide an API to allow end users to extend the functionality of the license server and/or network license manager over multiple platform such as Windows operating systems, Unix, Linux, Mac OSX, Solaris, Various cell phone operating systems and various gaming systems such as Sony's PlayStation, Nintendo gaming systems, and Microsoft's Xbox gaming systems with real time notification when the license expires.
  • the license client provides facilities to run multiple licenses concurrently to enable complex licensing criterion.
  • the License Server and Network License Manager user interfaces provide a graphical method to implement logical business rules.
  • the License Server allows licenses to be revoked or suspended after issuance.
  • the Network License Manager provides encapsulations of a set of licenses in a logical container, named a license pool.
  • Each pool has a set of configurable attributes that are applied to all licenses contained in that pool. These attributes allow for: the permanent license assignment, online or offline usage of a license, configurable number of missed license to NLM check ins before the license disables itself, and allow or disallow other pools to use a configurable number of licenses in the event that the other pool runs out of available licenses.
  • FIG. 1 is a conceptual view of the licensing system of the present invention
  • FIG. 2 is a flow chart illustrating Business Rules Callback Processing of the present invention
  • FIG. 3 is a flow chart of the process of the Client Side of the present invention.
  • FIG. 4 is a flow chart of the process of the Server Side of the present invention.
  • FIGS. 5 a and 5 b are flow charts of the process of the Client Side of the present invention.
  • FIG. 6 is a flow chart of the process of the Network License Manager of the present invention.
  • FIG. 7 is a flow chart of the process of the Network License Manager and Client of the present invention.
  • FIG. 8 is a flow chart of the process of the Server and Client of the present invention.
  • FIG. 9 is a screen shot of the GUI of the present invention showing the customer editor
  • FIG. 10 is a screen shot of the GUI of the present invention showing the user editor
  • FIG. 11 is a screen shot of the GUI of the present invention showing the server's general configuration editor
  • FIG. 12 is a screen shot of the GUI of the present invention showing the overall cluster configuration
  • FIG. 13 is a screen shot of the GUI of the present invention showing the cluster node configuration
  • FIG. 14 is a screen shot of the GUI of the present invention showing the product editor.
  • the Licensing System 1 of the present invention is recorded on computer-readable medium and capable of execution by a computer and is comprised of three modules the interact via a multi-user network 14 such as the Internet. These modules are the License Client (LC) 13 , the License Server (LS) 6 , and the Network License Manager (NLM) 15 . For the licensing system to function the License Client 13 and License Server are required. In an alternative embodiment, the Network License Manager 15 exists to facilitate and manage concurrent license usage.
  • LC License Client
  • LS License Server
  • NLM Network License Manager
  • the License Server 6 further consists the following additional components: an identity management system 2 , database interference subsystem 3 , web server 4 , server clustering subsystem 5 , license issuance subsystem 96 and license validation subsystem 97 .
  • the license manager 15 is further comprised of the following additional components: an identity management subsystem 20 , database interference subsystem 17 , web server 18 , server clustering subsystem 19 , license pooling subsystem 7 , license validation subsystem 8 , and license monitoring subsystem 9 .
  • the Client 13 is further comprised of the following additional components: an identity management subsystem 12 , license validation subsystem 10 , and license monitoring system 11 .
  • a message is defined as an XML document that conforms to a specific predefined schema. Each message is encrypted and signed for security and authentication purposes. A message is most often transmitted and received via an HTTP or HTTPS connection, although in a few special circumstances a message can be transferred from one component to another via the use of a file.
  • FIG. 2 a flow chart illustrating the business rules callback processing of the present invention.
  • Business rules callback processing is accomplished via one of three options.
  • the License Server/Network License Manager starts, it reads a directive named “BusinessRule” from the configuration file.
  • This directive can have four values which are “UserCompiled”, “Java”, “DotNet”, or “NotImplemented”. In the case of “NotImplimented” the function will simply return immediately.
  • the Client Side/User Interface 96 consists of three routines, the first is the writing of .NET code to the user interface (UI) 98 , which is then compiled 99 and uploaded 100 to the server 97 and its compiled .NET assembly 110 ; the second is the writing of the C/C++ code to the UI 106 , compiled 108 , and then uploaded as a shared library or dll file to the server 107 and its compiled C/C++ object 109 ; and the third is the writing of the java code 101 , which is then compiled 102 and uploaded to the server 103 and its Java class file 116 .
  • UI user interface
  • a server request is first received from a license client 104 , which triggers a callback function 113 .
  • the configuration file next indicates that the server should use Java code 114 and then uses a Business Rule Directive from the configuration file to determine if it should continue to use Java or switch to User Compiled or .NET to further process the request 115 .
  • java is continued the system calls the java class with the serialized request 117 and obtains if from the java class file 116 .
  • the serialized request is to be processed via user compiled, the system calls out to the users compiled shared library 111 and obtains the information from the complied C/C++ object 109 .
  • the serialized request is to be processed via .NET, then the system calls out to the user's .NET assembly 112 and obtains the information form the compiles .NET assembly 110 .
  • FIG. 3 is a flow chart of the process of the Client Side of the present invention.
  • An external request as shown by continuation point “D” 83 starts 21 the client side process.
  • the first step is to select a client 22 and a request for the local license and customer registration 24 is sent to the license server 25 , denoted as continuation point “C” 81 .
  • the license server 25 denoted as continuation point “C” 81 .
  • the client operation selection 22 is to use a local license 26 the system first determines if the license has been tampered with 29 . If tampering has occurred an error message 30 is returned and the operation stops. If the license has not been tampered with 29 a second check is made to ensure the license has not expired 28 , if expired an error message 30 is returned and the operation stops. If the license has not been tampered with and has not expired it is okay to use 27 and system returns to its start position 21 .
  • FIG. 4 a flow chart of the process on the Server Side of the present invention is illustrated.
  • the server side will be initiated from either a request for the local license and customer registration 24 received, denoted as continuation point “C” 81 or from an electronically transmitted file to a customer service representative, denoted as continuation point “B” 82 .
  • a request type is first determined 36 and the system process the license request and determines if the customer is registered 32 in the database 38 . If the customer is not registered a certificate and customer's public key is issued 39 and sent to the client 42 , the customer is registered 40 and the analysis of the license continues 33 .
  • the system will also determine if the server handles the product of the license request 31 , and if so, will continue its analysis, but if not, it will return a response indicating such 37 to the client 42 . If the server does handle the product and the customer is registered, the system places a call to the end user business rules script 34 and determines if the request has been rejected 35 . If the request has been rejected a message will be sent to the client 42 , and if not a determination on whether a license can be issued 41 and the answer returned to the client 42 .
  • Valid license types issued by the system of the present invention includes: unrestricted, limited time evaluation, limited runs evaluation, software lease, and count uses.
  • the unrestricted license type which places no restrictions on how long the user of the license may continue to use the software.
  • the Limited Time Evaluation wherein the license will evaluate the License Time Duration, License Time Unit, and License Timer Start variables to create a time span that the license will then compare against the current system time to determine if the license time period has been exceeded, and as such expire itself.
  • the license will check the current system time against the Last Used Date property and validate that the current system time is not earlier than the Last Used Date property. Once validated the Last Used Date will be updated to the current system time.
  • the system may also incorporate a License Monitor to act as a monitoring process for all licenses in use by clients. If a periodic client license check-in is required for a license or a number of licenses, then this function will monitor the statistics updated by the Update Client Usage Info method. If those statistics exceed allowed values then the license will be declared an orphan and be reclaimed by the NLM. Exceeded statistics means, for example, that the license checked out by the client required that the client call the NLM every five minutes to update the NLM that the client was still alive and active and using the license, and that it could only miss two check-in cycles. If the License Monitor found that the last checking time for the client was ten minutes and one second, then the license would be declared orphaned and reclaimed. Production statistics and real-time monitoring will be on the order of milliseconds, not minutes and seconds.
  • the Limited Runs Evaluation combines the Number Of Allowed Runs property with the License Run Count property to determine if the license has expired.
  • the Software Lease checks that two conditions are valid before proceeding.
  • the first condition to be checked is to ensure that the current system date is greater than or equal to the License Valid Star Time property. In the case that the current system time is less than the valid start time the license will return an error message.
  • the second condition to be checked is to ensure that the current system time is less than or equal to the License Valid End Time property. If the current system time is greater than the License Valid End Time property the license will return an error message.
  • the current system time is greater than the License Valid End Time property the license will return an error message.
  • FIGS. 5 a and 5 b flow charts illustrating of the process of the Client Side of the present invention are shown.
  • the system immediately and directly access the network license manager 15 , denoted as continuation point “E” 85 , for the analysis of the request type 46 and additional process steps of the network license manager 15 .
  • continuation point “E” 85 the network license manager 15
  • a return message is sent to the client 56 , denoted as continuation point “F” 86 that is delivered to client 13 , denoted as continuation point “A” 84 .
  • FIG. 6 is a flow chart of the process of the Network License Manager of the present invention.
  • the network license manager (NLM) is a server that sits on a customer's network and handles the management of concurrent network licenses.
  • NLM network license manager
  • One of the fundamental architectural organizations of this server is the concept of license pools.
  • a license pool is a group of licenses that are controlled and allowed to be used based on a set of configuration parameters.
  • Company XYZ has an NLM installed on its intranet.
  • Three different departments in XYZ have purchased licenses for the same software product, but the funds have come from department budgets rather than an overall company budget. Because of this the Sales and Marketing department does not want the Research and Development department, who have a much higher demand for the limited number of licenses using all of Sales and Marketing's licenses when Sales and Marketing needs to use the software.
  • the Administration department has a number of licenses but does not typically use them often, but must have access to the software when they need it.
  • license pools there are three license pools. One each for Administration, Sales and Marketing, and Research and Development. Because R&D was getting the username and password for the Sales department's license pool, the Sales department has set the authentication level of their pool of licenses to require registration with the NLM and use the NLM issued PKI X.509 certificate for authentication against the pool before a license may be used by the requester. Sales has also set their maximum number of licenses that may be used in overflow requests to zero effectively turning off the overflow participation of their pool.
  • the Research and Development department's pool has basic username/password authentication, as is the Administration's pool. More over the Administration's pool has their maximum number of licenses that may be used in overflow requests set to minus one ( ⁇ 1) which means that all licenses in the pool are available to overflow requests.
  • the analysis of the request type 46 is initiated.
  • a check to determine if the customer is registered is run 53 . If the customer is not registered a certificate and customer's public key is issued 54 and sent to the client 56 , and the customer is registered 55 . Concurrently, the license is checked 47 for valid credentials 48 and caller permission to check out the license 48 . If the license is invalid 57 or the caller has no rights 58 , a message is sent to the client 56 . Next a check is done to determine if the license pool has any available licenses 50 and if so a valid license is marked in use and returned to the client 52 in a message 56 .
  • an overflow pool is checked for available licenses. If an overflow pool license is available a valid license is marked in use and returned to the client 52 in a message 56 . If no overflow pool license is available a message stating such 59 is returned to the client 56 .
  • FIG. 7 a flow chart of the process of the Network License Manager 70 and Client 69 of the present invention are illustrated.
  • a check of the response is started 60 . If the response is based on invalid credentials, no rights, or no available license an error message is returned to the user 61 . If the response is valid and a license is returned, the license is added to the active license list 62 and the time cycle is started in the license revalidation timer 63 . When the timer cycle expires the first step is to determine if the license has expired since the last check 64 .
  • the next step is to determine if the network license manager can be contacted 65 . If the NLM can not be contacted, then a check is run to determine if the maximum number of missed NLM updates limit has been exceeded 66 , if not the process returns to the revalidation timer 63 , if it has been exceeded an error message is returned to the user 67 . If the NLM is contacted, then a check to determine if the license has been reclaimed by the NLM is run 68 . If the NLM has reclaimed the license an error message is returned to the user 61 , if not the process returns to the revalidation timer 63 .
  • FIG. 8 is a flow chart of the process of the Server 72 and Client 71 of the present invention when a customer service representative or other human interaction is required by a user during the process of the system of the present invention.
  • a request is made by file 75 or an offline key request is submitted 77 .
  • the file request 75 is followed by a license request 76 made by a file that is electronically transmitted to a customer service representative 78 who then accesses the server, denoted as continuation point “B” 82 which results in the issuance of an offline license via file transactions.
  • an offline key request 77 may be provided to a customer service representative 78 by the user 98 so that the customer service representative 78 can input the client key and license parameters 79 and process offline the key request and generate and offline authorization code 80 that is then provided to the user 98 .
  • This system is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it.
  • this software is a target of “hackers” it must have defenses. Measures to disable the system of the present invention that have been taken into account by this document.
  • One strategy for disabling the present invention is by replacing the DLL libraries.
  • the present invention requires that the present invention DLLs be digitally signed. This signature can then be compared by the employing application and validated that the signature of the DLL it is using matches the known-good signature.
  • Another method would be the manually writing of a license and feeding it into the present invention system, or altering an existing license.
  • the system of the present invention requires license encryption i to prevent knowledge of the format of the license.
  • licenses are signed by the present invention's License Server (LS) that issues them.
  • This LS is also registered with the present invention License Client (LC) that requested the license.
  • Included in this LS registration information is the server's encryption and signature public keys in the form of X.509 digital certificates.
  • Each time the license is used the license's signature is validated against the server's signature X.509 certificate to ensure that the license has been issued by a valid LS.
  • the license may call the issuing LS to ensure that it is still valid and has not been revoked. Should the call to the server fail the application will be notified of this via the programming construct of an event.
  • different cryptographic methodologies and cryptographic keys are used in the various stages of the license issuance process.
  • the client database contains unique data about the machine that the software is running on. Specifically the hard drive manufacturer's serial number for each of the drives installed in the computer and the MAC address of each of the computer's NIC cards. Each time the software is run the software will validate that the equipment that it is running on matches the data it has stored in it's database.
  • Another potential opening is the turning back of the system clock to perpetually stay within the license's allowed validity time when using a “software lease” or “restricted by time” license.
  • Each time a license of this type is used the current system time is checked against the last used system time. If the current system time is greater than the last used system time the last used system time is updated to the current time.
  • the user interface is comprised of panes in four docking areas of the screen.
  • a first area holds the explorer components 98 that are navigational in nature.
  • a second area holds the editor components 89 .
  • the editor components are, as their name implies, used to create, edit, or remove information. Depending on the control this may be done via textual editing, or graphical composition such as report designer and workflow editor.
  • a third area 90 holds the property editor and palette window, the palette windows is primarily used in the graphical composition editors.
  • a fourth area displays the output of activities such as compiling a report.
  • the server explorer is the primary navigation tool of the desktop GUI and is comprised of servers registered with the IDE and belonging to two categories, The present invention License Servers and Network License Managers. These registered servers are displayed in a JTree control.
  • the root node of the tree is labeled “The present invention Servers”. This root node contains 2 child nodes. The first of these child nodes is labeled “The present invention License Servers” and contains 0 . . . n child nodes, one for each of the license servers registered with the IDE. The second of theses child nodes is labeled “The present invention Network License Managers” and contains 0 . . . n child nodes, one for each of the network license manager servers registered with the IDE. In both cases the present invention's License Servers and the present invention's Network License Managers, the default text of the tree node is the same as the machine name of the registered server, however this label can be changed to an end-user defined value.
  • Sub-nodes common to both the “The present invention License Servers” node and the “The present invention Network License Servers” node are the “Customers”, “Reports”, “Users”, and “Application Configuration” nodes.
  • the “The present invention License Servers” sub-node also has 2 sub-nodes that are unique to the “The present invention License Servers” node. These two sub-nodes are the “Products” sub-node and the “Pending License Requests” sub-node.
  • the “The present invention Network License Servers” sub-node also has 2 sub-nodes unique to it. These subnodes are the “License Pools” sub-node and the “Orphaned Licenses” sub-node.
  • This section enumerates the actions that the GUI takes when individual tree nodes are clicked upon.
  • License Servers node is left clicked, the “License Server List” editor is displayed in the editors pane of the GUI.
  • Network License Management Servers node is left clicked, the “Network License Management Servers List” editor is displayed in the editors pane of the GUI.
  • Specific When a specific the present invention license server is selected from the list of the present invention license servers listed as children of the “The present invention License Servers” node, the “The present invention License Server” editor is launched and populated with the details of the server selected in the tree.
  • the “The present invention Network License Management Server” editor When a specific the present invention network license management server is selected from the list of the present invention license servers listed as children of the “The present invention Network License Management Servers” node, the “The present invention Network License Management Server” editor is launched and populated with the details of the server selected in the tree.
  • the Customers Editor When a “Customers” node directly under a specific server is clicked, the Customers Editor is launched in the editors pane of the GUI and the customer list of the Customers Editor is populated with the customers registered with the specific server.
  • a “Users” node directly under a specific server is clicked, the Users Editor is launched in the editors pane of the GUI and the user list of the Users Editor is populated with the users registered with the specific server.
  • the TCP/IP Settings Editor When a “TCP/IP Settings” node under a specific server is clicked, the TCP/IP Settings Editor is launched in the editors pane of the GUI and the TCP/IP settings for the selected server are populated in the editor.
  • the Security Settings Editor When a “Security Settings” node under a specific server is clicked, the Security Settings Editor is launched in the editors pane of the GUI and the Security settings for the selected server are populated in the editor.
  • the Logging Settings Editor When a “Logging Settings” node under a specific server is clicked, the Logging Settings Editor is launched in the editors pane of the GUI and the Logging settings for the selected server are populated in the editor.
  • the Database Settings Editor When a “Database Settings” node under a specific server is clicked, the Database Settings Editor is launched in the editors pane of the GUI and the Database settings for the selected server are populated in the editor.
  • the License Pools Editor When a “License Pools” node directly under a specific server is clicked, the License Pools Editor is launched in the editors pane of the GUI and the customer list of the License Pools Editor is populated with the customers registered with the specific server.
  • the Orphaned Licenses When a “Orphaned Licenses” node directly under a specific server is clicked, the Orphaned Licenses Editor is launched in the editors pane of the GUI and the customer list of the Orphaned Licenses Editor is populated with the customers registered with the specific server.
  • the business rules tree node When the business rules tree node is clicked the system opens one of two different editor windows.
  • scripting language is Java then a Java editor window that has the event functions already setup. If the scripting language is C++ then a C++ scripting window is opened. If the language is C# or VB or uses COM then the code will need to be written and compiled in Visual Studio, and is thus outside the scope of this IDE, however some mechanism to indicate which language the server should call to run the scripted business rules needs to be included.
  • the customer editor 87 is used to enter or edit customer information as well as to view a license history for that customer.
  • the editor is comprised of two major sections, which are the customer results grid section 89 and the customer details section 90 .
  • the customer details section is further broken down into two sections which are customer information, and the license history.
  • FIG. 11 illustrates the Sever General Configuration 89 which is displayed in a second area 92 and is comprised of Timeout and Keep Alive Settings.
  • FIGS. 12 and 13 the values in the Cluster Configuration heading 90 and 91 fall under one of two categories. These categories are “Overall Cluster Configuration” 93 and “Cluster Node Configuration” 94 .
  • the first of these, Overall Cluster Configuration 93 is represented in FIG. 12 .
  • This first category is comprised of five variables which are: Worker Maintenance Interval, Enable Sticky Sessions, Force Sticky Sessions, Load Balance Method, and Memory Locking Method.
  • the second category is comprised of eight variable which are: host address, load balancing factor, socket timeout, enable socket keep alive, Request Retries, Connection Pool Size, Minimum Connection Pool Size, and Connection Pool Timeout.
  • FIG. 14 illustrates the Product Editor 92 which is displayed in a second area 95 and includes such variables as product name, product version, product system ID, product unique identification information and attribute fields.
  • License Server and Network License Manager Server There are 3 possible installation and deployment configurations for the present invention License Server and Network License Manager Server. These three configurations are: stand alone, cluster manager, and cluster worker.
  • the Stand Alone configuration installs both the Apache 2.0.x http server with the appropriate The present invention modules as well as the Apache Tomcat Java application server. In addition to these two applications the installation will also write out the appropriate configuration files (i.e. mod_jk.conf, httpd.conf, ssl.conf, nw_firewall.conf, etc).
  • the Cluster Manager configuration installs only the Apache 2.0.x http server without the The present invention modules.
  • the configuration files that are written are specific to the mod_jk clustering schema. These files are httpd.conf, ssl.conf, nw_firewall.com, mod_jk.conf and workers.properties.
  • the Cluster Worker configuration is virtually identical to the Stand Alone installation with the added requirement of informing the Cluster Manager of it's installation and providing its information to the Cluster Manager so that the Cluster Manager may update its configuration with the new worker data.

Abstract

The present invention is a method and system for software license management. The License Management System (LMS) is comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM). For the system to function the LC and LS are required. The NLM exists to facilitate and manage concurrent license usage.

Description

    FEDERALLY SPONSORED RESEARCH
  • Not Applicable
  • SEQUENCE LISTING OR PROGRAM
  • Not Applicable
  • CROSS REFERENCE TO RELATED APPLICATIONS
  • Not Applicable
  • TECHNICAL FIELD OF THE INVENTION
  • The present invention relates generally to a system and method for software license management. More specifically the present invention relates to a system and method for software license management for concurrent license management and license issuance.
  • BACKGROUND OF THE INVENTION
  • The present invention is method and system for software license management. Many other software license management systems are taught or known in the prior art, but each has their own respective shortcomings on which the present invention improves or eliminates in addition to the additional elements taught by the present invention.
  • U.S. Pat. No. 7,013,294 discloses a license management system for software which drives a single computer or a plurality of computers including: an application program for requesting a decision of the number of license which it needs to drive itself and for receiving issuance of the license; a number of license decision unit for determining the necessary number of licenses in accordance with the request from the application program; and a license management unit for issuing the number of licenses which was determined by the number of license decision unit. According to this invention, it is possible to provide a license management system enabling issuance of a license in which the sales strategy of a software maker was considered.
  • In U.S. Pat. No. 6,574,612 a method and system for providing flexibility to a license management system is disclosed. This license management system permits the concurrent use of multiple copies of a software program over a network comprising a plurality of client workstations, each client workstation having a copy of the software program installed thereon requiring an authorization from one of a plurality of license servers each time the software program is used. For security reasons, the license management system requires that at least the integer majority of the plurality of license servers is active at any time. This method and system allows a change to the number of license servers, but imposes several limitations.
  • U.S. Pat. No. 5,138,712 teaches a software application wherein the verification and license check out functions which are normally performed by a license server of a network software license system. The encrypted license information is contained in a license token, and is sorted in the database controlled by the license server. In contrast to the prior art where the license server either grants or denies the request after verifying the user's credentials, the license server here finds the correct license token for the software application and transmits the license token to the licensing library.
  • U.S. Pat. No. 5,553,143 allows for the electronic management and enforcement of software licenses used only in a network or non-network environment to facilitate product licensing and upgrades. Further, it only accommodates the use of compact disc read-only memory (CD ROM) product distribution.
  • U.S. Pat. No. 5,671,412 teaches an improved software license management system wherein a license server initializes a license database by receiving a package license description that includes component license descriptions for component software products in a package. A client computer system can request a license for a component product in a package. A license is granted to the client when the client is allowed to receive the license according to a license policy.
  • U.S. Pat. No. 6,189,145 teaches a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity. When a company wants a software license, it sends a purchase request (and appropriate fee) to the licensing clearinghouse. The license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses.
  • U.S. Pat. No. 6,260,141 teaches a software license control system based on independent software registration servers. The registration servers are open to all software manufacturers. On user's computer, a software product asks the user software license control program whether the user has a usage license for the software product. The user license control program checks the license file, received from a software registration server, and answers the software product.
  • U.S. Patent Application Publication 20020091645 discloses a licensing system comprising an application information database into which a license management server machine stores a license menu containing a function, a term and a number of times and the like for which usage may be approved with respect to software to be usage-approved. A user terminal is capable of accessing the application information database via an Internet network. Therefore, according to this system o, a software license granting technique is provided in which a range of software licensing choices is expanded so that various user needs can be met even with the same single software, and unlawful copying of the software that is approved for use by the user can be eliminated.
  • U.S. Patent Application Publication 20050102240 discloses a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity. When a company wants a software license, it sends a purchase request and appropriate fee to the licensing clearinghouse. The license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses. The license generator digitally signs the license pack and encrypts it with the license server's public key. The license server is responsible for distributing the software licenses from the license pack to individual clients. When a client needs a license, the license server determines the client's operating system platform and grants the appropriate license. The license server digitally signs the software license and encrypts it using the client's public key. The license is stored locally at the client.
  • Because the system of the present invention is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it. Because this software is a target of “hackers” it must have defenses beyond the ordinary for protecting itself against those who seek to destroy its ability to perform its job of guarding software usage rights as defined by the software company that employs the system of the present invention to safeguard their software. To this end the system of the present invention will always employ the strongest security schema available to it based on the circumstances of the environment in which it is running. To ensure the highest degree of protection the system is designed with multiple layers of security that act independently of the others. While no system is completely secure, the intent of this design is to make the cost of breaking into the system so high as to be impractical.
  • Therefore it is an objective of the present invention to teach a License Management System (LMS) is, in a best mode, comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM).
  • It is another objective of the present invention to teach a License Management System (LMS) that, in an alternative embodiment only requires a License Client (LC) and License Server (LS) to properly function.
  • It is yet another objective of the present invention to teach a License Management System (LMS) further comprised of a Network License Manager (NLM) component that exists to facilitate and manage concurrent license usage and issuance.
  • SUMMARY OF THE INVENTION
  • The present invention is method and system for software license management that is recorded on computer-readable medium and capable of execution by a computer. The License Management System (LMS) is comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM). For the system to function the LC and LS are required. The NLM exists to facilitate and manage concurrent license usage. The main patentable elements focus on the concurrent license management and method of license issuance.
  • The License Server and Network License Manager both provide an API to allow end users to write scripts to implement business rules in the decision making process at critical events in the registration, issuance, or usage of a license or customer. The License Server and Network License Manager both provide an API to allow end users to extend the functionality of the license server and/or network license manager over multiple platform such as Windows operating systems, Unix, Linux, Mac OSX, Solaris, Various cell phone operating systems and various gaming systems such as Sony's PlayStation, Nintendo gaming systems, and Microsoft's Xbox gaming systems with real time notification when the license expires.
  • The license client provides facilities to run multiple licenses concurrently to enable complex licensing criterion. The License Server and Network License Manager user interfaces provide a graphical method to implement logical business rules. The License Server allows licenses to be revoked or suspended after issuance.
  • The Network License Manager provides encapsulations of a set of licenses in a logical container, named a license pool. Each pool has a set of configurable attributes that are applied to all licenses contained in that pool. These attributes allow for: the permanent license assignment, online or offline usage of a license, configurable number of missed license to NLM check ins before the license disables itself, and allow or disallow other pools to use a configurable number of licenses in the event that the other pool runs out of available licenses.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The accompanying drawings, which are incorporated herein and form a part of the specification, illustrate the present invention and, together with the description, further serve to explain the principles of the invention and to enable a person skilled in the pertinent art to make and use the invention.
  • FIG. 1 is a conceptual view of the licensing system of the present invention;
  • FIG. 2 is a flow chart illustrating Business Rules Callback Processing of the present invention;
  • FIG. 3 is a flow chart of the process of the Client Side of the present invention;
  • FIG. 4 is a flow chart of the process of the Server Side of the present invention;
  • FIGS. 5 a and 5 b are flow charts of the process of the Client Side of the present invention;
  • FIG. 6 is a flow chart of the process of the Network License Manager of the present invention;
  • FIG. 7 is a flow chart of the process of the Network License Manager and Client of the present invention;
  • FIG. 8 is a flow chart of the process of the Server and Client of the present invention;
  • FIG. 9 is a screen shot of the GUI of the present invention showing the customer editor;
  • FIG. 10 is a screen shot of the GUI of the present invention showing the user editor;
  • FIG. 11 is a screen shot of the GUI of the present invention showing the server's general configuration editor;
  • FIG. 12 is a screen shot of the GUI of the present invention showing the overall cluster configuration;
  • FIG. 13 is a screen shot of the GUI of the present invention showing the cluster node configuration; and
  • FIG. 14 is a screen shot of the GUI of the present invention showing the product editor.
  • DETAILED DESCRIPTION OF THE INVENTION
  • In the following detailed description of the invention of exemplary embodiments of the invention, reference is made to the accompanying drawings (where like numbers represent like elements), which form a part hereof, and in which is shown by way of illustration specific exemplary embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention, but other embodiments may be utilized and logical, mechanical, electrical, and other changes may be made without departing from the scope of the present invention. The following detailed description is therefore, not to be taken in a limiting sense, and the scope of the present invention is defined only by the appended claims.
  • Now referring to FIG. 1, the Licensing System 1 of the present invention is recorded on computer-readable medium and capable of execution by a computer and is comprised of three modules the interact via a multi-user network 14 such as the Internet. These modules are the License Client (LC) 13, the License Server (LS) 6, and the Network License Manager (NLM) 15. For the licensing system to function the License Client 13 and License Server are required. In an alternative embodiment, the Network License Manager 15 exists to facilitate and manage concurrent license usage.
  • The License Server 6 further consists the following additional components: an identity management system 2, database interference subsystem 3, web server 4, server clustering subsystem 5, license issuance subsystem 96 and license validation subsystem 97. The license manager 15 is further comprised of the following additional components: an identity management subsystem 20, database interference subsystem 17, web server 18, server clustering subsystem 19, license pooling subsystem 7, license validation subsystem 8, and license monitoring subsystem 9. Finally, the Client 13 is further comprised of the following additional components: an identity management subsystem 12, license validation subsystem 10, and license monitoring system 11.
  • Interaction between the different components of the system is accomplished via messaging. A message is defined as an XML document that conforms to a specific predefined schema. Each message is encrypted and signed for security and authentication purposes. A message is most often transmitted and received via an HTTP or HTTPS connection, although in a few special circumstances a message can be transferred from one component to another via the use of a file.
  • Now referring to FIG. 2 a flow chart illustrating the business rules callback processing of the present invention. Business rules callback processing is accomplished via one of three options. When the License Server/Network License Manager starts, it reads a directive named “BusinessRule” from the configuration file. This directive can have four values which are “UserCompiled”, “Java”, “DotNet”, or “NotImplemented”. In the case of “NotImplimented” the function will simply return immediately. The Client Side/User Interface 96 consists of three routines, the first is the writing of .NET code to the user interface (UI) 98, which is then compiled 99 and uploaded 100 to the server 97 and its compiled .NET assembly 110; the second is the writing of the C/C++ code to the UI 106, compiled 108, and then uploaded as a shared library or dll file to the server 107 and its compiled C/C++ object 109; and the third is the writing of the java code 101, which is then compiled 102 and uploaded to the server 103 and its Java class file 116.
  • On the server side 97, a server request is first received from a license client 104, which triggers a callback function 113. The configuration file next indicates that the server should use Java code 114 and then uses a Business Rule Directive from the configuration file to determine if it should continue to use Java or switch to User Compiled or .NET to further process the request 115. If java is continued the system calls the java class with the serialized request 117 and obtains if from the java class file 116. If the serialized request is to be processed via user compiled, the system calls out to the users compiled shared library 111 and obtains the information from the complied C/C++ object 109. If the serialized request is to be processed via .NET, then the system calls out to the user's .NET assembly 112 and obtains the information form the compiles .NET assembly 110.
  • FIG. 3 is a flow chart of the process of the Client Side of the present invention. An external request, as shown by continuation point “D” 83 starts 21 the client side process. Once started 21, the first step is to select a client 22 and a request for the local license and customer registration 24 is sent to the license server 25, denoted as continuation point “C” 81. If the client operation selection 22 is to use a local license 26 the system first determines if the license has been tampered with 29. If tampering has occurred an error message 30 is returned and the operation stops. If the license has not been tampered with 29 a second check is made to ensure the license has not expired 28, if expired an error message 30 is returned and the operation stops. If the license has not been tampered with and has not expired it is okay to use 27 and system returns to its start position 21.
  • Now referring to FIG. 4, a flow chart of the process on the Server Side of the present invention is illustrated. The server side will be initiated from either a request for the local license and customer registration 24 received, denoted as continuation point “C” 81 or from an electronically transmitted file to a customer service representative, denoted as continuation point “B” 82. After initiation, a request type is first determined 36 and the system process the license request and determines if the customer is registered 32 in the database 38. If the customer is not registered a certificate and customer's public key is issued 39 and sent to the client 42, the customer is registered 40 and the analysis of the license continues 33. The system will also determine if the server handles the product of the license request 31, and if so, will continue its analysis, but if not, it will return a response indicating such 37 to the client 42. If the server does handle the product and the customer is registered, the system places a call to the end user business rules script 34 and determines if the request has been rejected 35. If the request has been rejected a message will be sent to the client 42, and if not a determination on whether a license can be issued 41 and the answer returned to the client 42.
  • Valid license types issued by the system of the present invention includes: unrestricted, limited time evaluation, limited runs evaluation, software lease, and count uses.
  • The unrestricted license type which places no restrictions on how long the user of the license may continue to use the software.
  • The Limited Time Evaluation wherein the license will evaluate the License Time Duration, License Time Unit, and License Timer Start variables to create a time span that the license will then compare against the current system time to determine if the license time period has been exceeded, and as such expire itself. As a safeguard against a user simply resetting the system clock to an earlier date, upon use of the license it will check the current system time against the Last Used Date property and validate that the current system time is not earlier than the Last Used Date property. Once validated the Last Used Date will be updated to the current system time.
  • The system may also incorporate a License Monitor to act as a monitoring process for all licenses in use by clients. If a periodic client license check-in is required for a license or a number of licenses, then this function will monitor the statistics updated by the Update Client Usage Info method. If those statistics exceed allowed values then the license will be declared an orphan and be reclaimed by the NLM. Exceeded statistics means, for example, that the license checked out by the client required that the client call the NLM every five minutes to update the NLM that the client was still alive and active and using the license, and that it could only miss two check-in cycles. If the License Monitor found that the last checking time for the client was ten minutes and one second, then the license would be declared orphaned and reclaimed. Production statistics and real-time monitoring will be on the order of milliseconds, not minutes and seconds.
  • The Limited Runs Evaluation combines the Number Of Allowed Runs property with the License Run Count property to determine if the license has expired.
  • The Software Lease checks that two conditions are valid before proceeding. The first condition to be checked is to ensure that the current system date is greater than or equal to the License Valid Star Time property. In the case that the current system time is less than the valid start time the license will return an error message. The second condition to be checked is to ensure that the current system time is less than or equal to the License Valid End Time property. If the current system time is greater than the License Valid End Time property the license will return an error message. As a safeguard against a user simply resetting the system clock to an earlier date, upon use of the license it will check the current system time against the Last Used Date property and validate that the current system time is not earlier than the Last Used Date property. Once validated the Last Used Date will be updated to the current system time. The Count Uses license will increment the License Run Count property.
  • Now referring to FIGS. 5 a and 5 b, flow charts illustrating of the process of the Client Side of the present invention are shown. If an input is received to start 43 the operation of the present invention, and the selected client operation 44 is for the use of a concurrent network license 45, the system immediately and directly access the network license manager 15, denoted as continuation point “E” 85, for the analysis of the request type 46 and additional process steps of the network license manager 15. At the conclusion of the network license manager's 15 processes a return message is sent to the client 56, denoted as continuation point “F” 86 that is delivered to client 13, denoted as continuation point “A” 84.
  • FIG. 6 is a flow chart of the process of the Network License Manager of the present invention. The network license manager (NLM) is a server that sits on a customer's network and handles the management of concurrent network licenses. One of the fundamental architectural organizations of this server is the concept of license pools. A license pool is a group of licenses that are controlled and allowed to be used based on a set of configuration parameters.
  • The pool concept is illustrated by the following example. Company XYZ has an NLM installed on its intranet. Three different departments in XYZ have purchased licenses for the same software product, but the funds have come from department budgets rather than an overall company budget. Because of this the Sales and Marketing department does not want the Research and Development department, who have a much higher demand for the limited number of licenses using all of Sales and Marketing's licenses when Sales and Marketing needs to use the software. The Administration department has a number of licenses but does not typically use them often, but must have access to the software when they need it.
  • In this embodiment there are three license pools. One each for Administration, Sales and Marketing, and Research and Development. Because R&D was getting the username and password for the Sales department's license pool, the Sales department has set the authentication level of their pool of licenses to require registration with the NLM and use the NLM issued PKI X.509 certificate for authentication against the pool before a license may be used by the requester. Sales has also set their maximum number of licenses that may be used in overflow requests to zero effectively turning off the overflow participation of their pool. The Research and Development department's pool has basic username/password authentication, as is the Administration's pool. More over the Administration's pool has their maximum number of licenses that may be used in overflow requests set to minus one (−1) which means that all licenses in the pool are available to overflow requests.
  • Still referring to FIG. 6, upon receipt of input to the network license manager 15, denoted as continuation point “E” 85, the analysis of the request type 46 is initiated. A check to determine if the customer is registered is run 53. If the customer is not registered a certificate and customer's public key is issued 54 and sent to the client 56, and the customer is registered 55. Concurrently, the license is checked 47 for valid credentials 48 and caller permission to check out the license 48. If the license is invalid 57 or the caller has no rights 58, a message is sent to the client 56. Next a check is done to determine if the license pool has any available licenses 50 and if so a valid license is marked in use and returned to the client 52 in a message 56. If the license pool does not have an available license an overflow pool is checked for available licenses. If an overflow pool license is available a valid license is marked in use and returned to the client 52 in a message 56. If no overflow pool license is available a message stating such 59 is returned to the client 56.
  • Now referring to FIG. 7, a flow chart of the process of the Network License Manager 70 and Client 69 of the present invention are illustrated. Upon the client's 69 receipt of a response message from the network license manager, denoted as continuation point “A” 84, a check of the response is started 60. If the response is based on invalid credentials, no rights, or no available license an error message is returned to the user 61. If the response is valid and a license is returned, the license is added to the active license list 62 and the time cycle is started in the license revalidation timer 63. When the timer cycle expires the first step is to determine if the license has expired since the last check 64. If the license has expired an error message is returned to the user 61, if it has not expired the next step is to determine if the network license manager can be contacted 65. If the NLM can not be contacted, then a check is run to determine if the maximum number of missed NLM updates limit has been exceeded 66, if not the process returns to the revalidation timer 63, if it has been exceeded an error message is returned to the user 67. If the NLM is contacted, then a check to determine if the license has been reclaimed by the NLM is run 68. If the NLM has reclaimed the license an error message is returned to the user 61, if not the process returns to the revalidation timer 63.
  • FIG. 8 is a flow chart of the process of the Server 72 and Client 71 of the present invention when a customer service representative or other human interaction is required by a user during the process of the system of the present invention. When a user starts the process 73 on the client side 71 and selects a client operation 74 a request is made by file 75 or an offline key request is submitted 77. The file request 75 is followed by a license request 76 made by a file that is electronically transmitted to a customer service representative 78 who then accesses the server, denoted as continuation point “B” 82 which results in the issuance of an offline license via file transactions. Alternatively, an offline key request 77 may be provided to a customer service representative 78 by the user 98 so that the customer service representative 78 can input the client key and license parameters 79 and process offline the key request and generate and offline authorization code 80 that is then provided to the user 98.
  • Because this system is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it. this software is a target of “hackers” it must have defenses. Measures to disable the system of the present invention that have been taken into account by this document. One strategy for disabling the present invention is by replacing the DLL libraries. The present invention requires that the present invention DLLs be digitally signed. This signature can then be compared by the employing application and validated that the signature of the DLL it is using matches the known-good signature.
  • Another method would be the manually writing of a license and feeding it into the present invention system, or altering an existing license. The system of the present invention requires license encryption i to prevent knowledge of the format of the license. Additionally, licenses are signed by the present invention's License Server (LS) that issues them. This LS is also registered with the present invention License Client (LC) that requested the license. Included in this LS registration information is the server's encryption and signature public keys in the form of X.509 digital certificates. Each time the license is used the license's signature is validated against the server's signature X.509 certificate to ensure that the license has been issued by a valid LS. At the option of the employing software application, the license may call the issuing LS to ensure that it is still valid and has not been revoked. Should the call to the server fail the application will be notified of this via the programming construct of an event. Finally, different cryptographic methodologies and cryptographic keys are used in the various stages of the license issuance process.
  • Another possible attack could occur via the copying a working database to a second machine. To thwart this, the client database contains unique data about the machine that the software is running on. Specifically the hard drive manufacturer's serial number for each of the drives installed in the computer and the MAC address of each of the computer's NIC cards. Each time the software is run the software will validate that the equipment that it is running on matches the data it has stored in it's database.
  • Another potential opening is the turning back of the system clock to perpetually stay within the license's allowed validity time when using a “software lease” or “restricted by time” license. Each time a license of this type is used the current system time is checked against the last used system time. If the current system time is greater than the last used system time the last used system time is updated to the current time. Each time the license is validated, which happens several times a minute, if the current system time is less than the last used system time, the license is expired.
  • In the case of the Network License Manager a need exists to balance the level of security prescribed by the employing software company and the level of effort required by administrators to register and maintain all possible users of the system with the NLM. To facilitate flexibility and security there are four methods provided by the NLM to allow users to make use of licenses from the NLM. These four methods exist strictly for usage of licenses from the NLM. Any administration of the NLM mirrors the same security protections that exist in the LS.
  • Now referring to FIGS. 9-14, the user interface is comprised of panes in four docking areas of the screen. A first area holds the explorer components 98 that are navigational in nature. A second area holds the editor components 89. The editor components are, as their name implies, used to create, edit, or remove information. Depending on the control this may be done via textual editing, or graphical composition such as report designer and workflow editor. A third area 90 holds the property editor and palette window, the palette windows is primarily used in the graphical composition editors. A fourth area displays the output of activities such as compiling a report.
  • The server explorer is the primary navigation tool of the desktop GUI and is comprised of servers registered with the IDE and belonging to two categories, The present invention License Servers and Network License Managers. These registered servers are displayed in a JTree control.
  • The root node of the tree is labeled “The present invention Servers”. This root node contains 2 child nodes. The first of these child nodes is labeled “The present invention License Servers” and contains 0 . . . n child nodes, one for each of the license servers registered with the IDE. The second of theses child nodes is labeled “The present invention Network License Managers” and contains 0 . . . n child nodes, one for each of the network license manager servers registered with the IDE. In both cases the present invention's License Servers and the present invention's Network License Managers, the default text of the tree node is the same as the machine name of the registered server, however this label can be changed to an end-user defined value.
  • Sub-nodes common to both the “The present invention License Servers” node and the “The present invention Network License Servers” node are the “Customers”, “Reports”, “Users”, and “Application Configuration” nodes. The “The present invention License Servers” sub-node also has 2 sub-nodes that are unique to the “The present invention License Servers” node. These two sub-nodes are the “Products” sub-node and the “Pending License Requests” sub-node. The “The present invention Network License Servers” sub-node also has 2 sub-nodes unique to it. These subnodes are the “License Pools” sub-node and the “Orphaned Licenses” sub-node.
  • This section enumerates the actions that the GUI takes when individual tree nodes are clicked upon. When the present invention License Servers node is left clicked, the “License Server List” editor is displayed in the editors pane of the GUI. When the present invention Network License Management Servers node is left clicked, the “Network License Management Servers List” editor is displayed in the editors pane of the GUI. Specific When a specific the present invention license server is selected from the list of the present invention license servers listed as children of the “The present invention License Servers” node, the “The present invention License Server” editor is launched and populated with the details of the server selected in the tree. When a specific the present invention network license management server is selected from the list of the present invention license servers listed as children of the “The present invention Network License Management Servers” node, the “The present invention Network License Management Server” editor is launched and populated with the details of the server selected in the tree. When a “Customers” node directly under a specific server is clicked, the Customers Editor is launched in the editors pane of the GUI and the customer list of the Customers Editor is populated with the customers registered with the specific server. When a “Users” node directly under a specific server is clicked, the Users Editor is launched in the editors pane of the GUI and the user list of the Users Editor is populated with the users registered with the specific server. When a “Products” node directly under a specific server is clicked, the Products Editor is launched in the editors pane of the GUI and the product list of the Products Editor is populated with the products registered with the specific server. Pending License Requests Node. When a “Pending License Requests” node directly under a specific server is clicked, the Pending License Requests Editor is launched in the editors pane of the GUI. When a “Server Configuration” node directly under a specific server is clicked, the Server Configuration Editor is launched in the editors pane of the GUI.
  • When a “TCP/IP Settings” node under a specific server is clicked, the TCP/IP Settings Editor is launched in the editors pane of the GUI and the TCP/IP settings for the selected server are populated in the editor. When a “Security Settings” node under a specific server is clicked, the Security Settings Editor is launched in the editors pane of the GUI and the Security settings for the selected server are populated in the editor. When a “Logging Settings” node under a specific server is clicked, the Logging Settings Editor is launched in the editors pane of the GUI and the Logging settings for the selected server are populated in the editor. When a “Database Settings” node under a specific server is clicked, the Database Settings Editor is launched in the editors pane of the GUI and the Database settings for the selected server are populated in the editor. When a “License Pools” node directly under a specific server is clicked, the License Pools Editor is launched in the editors pane of the GUI and the customer list of the License Pools Editor is populated with the customers registered with the specific server. When a “Orphaned Licenses” node directly under a specific server is clicked, the Orphaned Licenses Editor is launched in the editors pane of the GUI and the customer list of the Orphaned Licenses Editor is populated with the customers registered with the specific server. When the business rules tree node is clicked the system opens one of two different editor windows. If the selected scripting language is Java then a Java editor window that has the event functions already setup. If the scripting language is C++ then a C++ scripting window is opened. If the language is C# or VB or uses COM then the code will need to be written and compiled in Visual Studio, and is thus outside the scope of this IDE, however some mechanism to indicate which language the server should call to run the scripted business rules needs to be included.
  • Now referring to FIGS. 9 and 10, the customer editor 87 is used to enter or edit customer information as well as to view a license history for that customer. The editor is comprised of two major sections, which are the customer results grid section 89 and the customer details section 90. The customer details section is further broken down into two sections which are customer information, and the license history.
  • FIG. 11 illustrates the Sever General Configuration 89 which is displayed in a second area 92 and is comprised of Timeout and Keep Alive Settings.
  • Referring to FIGS. 12 and 13 the values in the Cluster Configuration heading 90 and 91 fall under one of two categories. These categories are “Overall Cluster Configuration” 93 and “Cluster Node Configuration” 94. The first of these, Overall Cluster Configuration 93 is represented in FIG. 12. This first category is comprised of five variables which are: Worker Maintenance Interval, Enable Sticky Sessions, Force Sticky Sessions, Load Balance Method, and Memory Locking Method. The second category is comprised of eight variable which are: host address, load balancing factor, socket timeout, enable socket keep alive, Request Retries, Connection Pool Size, Minimum Connection Pool Size, and Connection Pool Timeout.
  • Finally, FIG. 14 illustrates the Product Editor 92 which is displayed in a second area 95 and includes such variables as product name, product version, product system ID, product unique identification information and attribute fields.
  • There are 3 possible installation and deployment configurations for the present invention License Server and Network License Manager Server. These three configurations are: stand alone, cluster manager, and cluster worker.
  • The Stand Alone configuration installs both the Apache 2.0.x http server with the appropriate The present invention modules as well as the Apache Tomcat Java application server. In addition to these two applications the installation will also write out the appropriate configuration files (i.e. mod_jk.conf, httpd.conf, ssl.conf, nw_firewall.conf, etc).
  • The Cluster Manager configuration installs only the Apache 2.0.x http server without the The present invention modules. The configuration files that are written are specific to the mod_jk clustering schema. These files are httpd.conf, ssl.conf, nw_firewall.com, mod_jk.conf and workers.properties.
  • The Cluster Worker configuration is virtually identical to the Stand Alone installation with the added requirement of informing the Cluster Manager of it's installation and providing its information to the Cluster Manager so that the Cluster Manager may update its configuration with the new worker data.
  • It is appreciated that the optimum dimensional relationships for the parts of the invention, to include variation in size, materials, shape, form, function, and manner of operation, assembly and use, are deemed readily apparent and obvious to one of ordinary skill in the art, and all equivalent relationships to those illustrated in the drawings and described in the above description are intended to be encompassed by the present invention.
  • Furthermore, other areas of art may benefit from this method and adjustments to the design are anticipated. Thus, the scope of the invention should be determined by the appended claims and their legal equivalents, rather than by the examples given.

Claims (18)

1. A software license management and issuance system recorded on computer-readable medium and capable of execution by a computer comprising:
a license client,
said license client further comprising:
an identity management subsystem, a license validation subsystem, and
a license monitoring system; and
a license server,
said license server further comprising:
an identity management system, a database interference subsystem, a web server, a server clustering subsystem, a license issuance subsystem, and a license validation subsystem.
2. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 1 further comprising a network license manager as means for facilitating and managing concurrent license usage, said network license manager further comprised of an identity management subsystem, a database interference subsystem, a web server, a server clustering subsystem, a license pooling subsystem, a license validation subsystem, and a license monitoring subsystem.
3. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 2 wherein an interaction between the licensing client, licensing system, and network license manage of the system is accomplished via messaging, each message being encrypted and signed for security and authentication purposes.
4. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 2 further comprising a license monitor providing means for monitoring process for all licenses in use by clients.
5. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 4 wherein when a periodic client license check-in is required for a license or a number of licenses, then the license monitor will monitor the statistics updated by an update client usage information method;
if said statistics exceed allowed values then the license will be declared an orphan and be reclaimed by the network license manager; and
if a last checking time for the client was ten minutes and one second, then the license would be declared orphaned and reclaimed.
6. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 5 wherein
the license monitor provides means for a limited runs evaluation that combines a number of allowed runs property with a license run count property to determine if the license has expired;
the license monitor is further comprised of a software lease providing means for checking that two conditions are valid before proceeding;
a first condition to be checked ensures that the current system date is greater than or equal to the license valid start time property.
a second condition to be checked ensures that the current system time is less than or equal to the license valid end time property; and
upon use of the license the license monitor will check a current system time against a last used date property and validate that the current system time is not earlier than the last used date property; and
a count uses license will increment a license run count property.
7. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer, said method comprising the steps of:
making an external request from a client server;
selecting a client, a request for a local license, and customer registration to a license server;
determining if the license has been tampered with;
determining if the license has not expired;
returning an error message if tampering or expiration is determined, otherwise continuing with the following method steps;
initiating a request from a server side from either a request from the local license and customer registration or from an electronically transmitted file to a customer service representative;
determining a request type and processing the license request to determine if a customer is registered;
if the customer is not registered, a certificate and customer's public key is issued and sent to the client,
if the customer is registered, the analysis of the license continues;
determining if server will handle the product of the license request, and if so, the server will continue the analysis, but if not, the server will return a response indicating such to the client;
if the server does handle the product and the customer is registered, the system places a call to the end user business rules script and determines if the request has been rejected; and
if the request has been rejected a message will be sent to the client, and if not a determination on whether a license can be issued and the answer returned to the client.
8. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 wherein valid license types issued by the system of the present invention includes unrestricted, limited time evaluation, limited runs evaluation, software lease, and count uses.
9. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 8 wherein the unrestricted license type places no restrictions on how long the user of the license may continue to use the software.
10. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 8 wherein the limited time evaluation license will evaluate a license time duration, license time unit, and license timer start variables to create a time span that will then be compared against a current system time to determine if the license time period has been exceeded.
11. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the steps of the client side server;
receiving an input to start a selected client operation for a concurrent network license;
immediately and directly accesses a network license manager for analysis of the request type and additional process steps of the network license manager; and
sending a message to the client at the conclusion of the network license manager's processes.
12. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the steps of the process of the network license manager
creating a license pool comprising a group of licenses that are controlled and allowed to be used based on a set of configuration parameters
said license pool consists of one or more subpools
receipt of input to the network license manager;
initiation of analysis of the request type to determine if the customer is registered is run;
if the customer is not registered a certificate and customer's public key is issued and sent to the client, and the customer is registered;
concurrently, the license is checked for valid credentials and caller permission to check out the license;
if the license is invalid or the caller has no rights, a message is sent to the client;
a check is done to determine if the license pool has any available licenses;
if so, a valid license is marked in use and returned to the client;
if the license pool does not have an available license an overflow pool is checked for available licenses;
if an overflow pool license is available a valid license is marked in use and returned to the client in a message; and
if no overflow pool license is available a message stating such is returned to the client.
13. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the steps of the business rules callback processing, said business rules callback processing is accomplished via one of three options
a first option wherein when the license server and network license manager starts,
reading a directive named “BusinessRule” from a configuration file, said directive can have four values which are “UserCompiled”, “Java”, “DotNet”, or “NotImplemented”;
in the case of “NotImplimented” the function will simply return immediately.
a second option wherein the client side server and a user interface consists of three routines,
a first routine wherein .NET code is written to the user interface, which is then compiled and uploaded to the server, and its compiled in to .NET assembly;
a second routine wherein the of the code is written to the user interface, compiled, and then uploaded as a shared library or dll file to the server and its compiled object; and
a third routine where the writing of the java code, which is then compiled and uploaded to the server as a Java class file.
14. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 14 wherein, on the server side,
a server request is first received from a license client, which triggers a callback function;
the configuration file next indicates that the server should use Java code and then uses a Business Rule Directive from the configuration file to determine if it should continue to use Java or switch to User Compiled or .NET to further process the request;
if java is continued the system calls the java class with the serialized request and obtains if from the java class file;
if the serialized request is to be processed via user compiled, the system calls out to the users compiled shared library and obtains the information from the complied object; and
if the serialized request is to be processed via .NET, then the system calls out to the user's .NET assembly and obtains the information form the compiles .NET assembly.
15. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 comprising the following steps
upon the client's receipt of a response message form the network license manager;
if the response is based on invalid credentials, no rights, or no available license an error message is returned to the user;
if the response is valid and a license is returned, the license is added to the active license list and time cycle is started in the license revalidation timer;
when the timer cycle expires the first step is to determine if the license has expired since the last check;
if the license has expired an error message is returned to the user;
if it has not expired the next step is to determine if the network license manager can be contacted;
if the network license manager can not be contacted, then a check is run to determine if the maximum number of missed network license manager updates limit has been exceeded,
if not the process returns to the revalidation timer,
if it has been exceeded an error message is returned to the user;
if the network license manager is contacted, then a check to determine if the license has been reclaimed by the network license manager is run; and
if the network license manager has reclaimed the license an error message is returned to the user, if not the process returns to the revalidation timer.
16. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the additional steps when a customer service representative or other human interaction is required by a user during the process of the system of the present invention;
when a user starts the process on the client side and selects a client operation a request is made by file or an offline key request is submitted; and
the file request is followed by a license request made by a file that is electronically transmitted to a customer service representative who then accesses the server, which results in the issuance of an offline license via file transactions.
17. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the additional steps when a customer service representative or other human interaction is required by a user during the process of the system of the present invention;
an offline key request is provided to a customer service representative by the user so that the customer service representative can input the client key and license parameters and process offline the key request and generate and offline authorization code that is then provided to the user.
18. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 6 wherein
DLLs are required to be digitally signed, so said signature can then be compared by the employing application and validated that the signature of the DLL it is using matches the known-good signature;
licenses are signed by the license server registered with the license client that requested the license including the server's encryption and signature public keys in the form of digital certificates, each time the license is used the license's signature is validated against the server's signature certificate to ensure that the license has been issued by a valid license server;
a client database contains unique data about the machine that the software is running on and each time the software is run, the software will validate that the equipment that it is running on matches the data it has stored in it's database; and
each time a license is used the time is checked against the last used system time, if the current system time is greater than the last used system time the last used system time is updated to the current time.
US11/695,338 2007-04-02 2007-04-02 System and Method for Software License Management for Concurrent License Management and Issuance Abandoned US20080244754A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US11/695,338 US20080244754A1 (en) 2007-04-02 2007-04-02 System and Method for Software License Management for Concurrent License Management and Issuance
US12/402,569 US8069119B2 (en) 2007-04-02 2009-03-12 System and method for software license management for concurrent license management and issuance

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US11/695,338 US20080244754A1 (en) 2007-04-02 2007-04-02 System and Method for Software License Management for Concurrent License Management and Issuance

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US12/402,569 Division US8069119B2 (en) 2007-04-02 2009-03-12 System and method for software license management for concurrent license management and issuance

Publications (1)

Publication Number Publication Date
US20080244754A1 true US20080244754A1 (en) 2008-10-02

Family

ID=39796679

Family Applications (2)

Application Number Title Priority Date Filing Date
US11/695,338 Abandoned US20080244754A1 (en) 2007-04-02 2007-04-02 System and Method for Software License Management for Concurrent License Management and Issuance
US12/402,569 Expired - Fee Related US8069119B2 (en) 2007-04-02 2009-03-12 System and method for software license management for concurrent license management and issuance

Family Applications After (1)

Application Number Title Priority Date Filing Date
US12/402,569 Expired - Fee Related US8069119B2 (en) 2007-04-02 2009-03-12 System and method for software license management for concurrent license management and issuance

Country Status (1)

Country Link
US (2) US20080244754A1 (en)

Cited By (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100088413A1 (en) * 2008-10-02 2010-04-08 Sony Corporation License managing apparatus, license managing method, and license managing system
WO2010111165A1 (en) * 2009-03-24 2010-09-30 Snap-On Incorporated System and method for rendering a set of program instructions as executable or non-executable
US20100325149A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Auditing Software Usage
US20100325200A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Software Activation Through Digital Media Fingerprinting
US20110009092A1 (en) * 2009-07-08 2011-01-13 Craig Stephen Etchegoyen System and Method for Secured Mobile Communication
US20110072522A1 (en) * 2009-09-22 2011-03-24 Vikram Koka System and Method for Capacity Licensing
US20110083177A1 (en) * 2009-10-07 2011-04-07 International Business Machines Corporation Software license management
US20110131115A1 (en) * 2008-06-17 2011-06-02 Sony Computer Entertainment Inc. Information processing device
US20110145568A1 (en) * 2009-12-14 2011-06-16 International Business Machines Corporation Handling of the usage of software in a disconnected computing environment
EP2273411A3 (en) * 2009-06-24 2011-08-31 Uniloc Usa, Inc. Systems and methods for determining authorization to operate licensed software based on a client device fingerprint
US20110247085A1 (en) * 2010-03-30 2011-10-06 Hon Hai Precision Industry Co., Ltd. Electronic device and method of protecting software
US20120185593A1 (en) * 2009-11-23 2012-07-19 Zhongwen Zhu License redistributing method, moderator and license controlling system thereof
WO2012127223A2 (en) 2011-03-22 2012-09-27 Centrix Networking Limited Computer system and method
US20130204987A1 (en) * 2012-02-02 2013-08-08 Ritesh H. Patani Hardware device name resolution for deterministic configuration in a network appliance
US8566960B2 (en) 2007-11-17 2013-10-22 Uniloc Luxembourg S.A. System and method for adjustable licensing of digital products
US8874891B2 (en) 2010-05-20 2014-10-28 Hewlett-Packard Development Company, L.P. Systems and methods for activation of applications using client-specific data
CN104123482A (en) * 2014-07-08 2014-10-29 攀钢集团攀枝花钢钒有限公司 Method for generating machine code and registration code and method for software registration and function limiting
US20140337987A1 (en) * 2007-02-01 2014-11-13 Microsoft Corporation Secure serial number
US20150336005A1 (en) * 2014-05-20 2015-11-26 Cadillac Jack Electronic gaming system with central game licensing
US20150356292A1 (en) * 2009-06-03 2015-12-10 Apple Inc. Methods and apparatuses for secure compilation
EP3062254A1 (en) * 2015-02-26 2016-08-31 BlackBerry Limited License management for device management system
US9633183B2 (en) 2009-06-19 2017-04-25 Uniloc Luxembourg S.A. Modular software protection
US9880819B2 (en) 2009-06-03 2018-01-30 Apple Inc. Methods and apparatuses for a compiler server
US10015279B2 (en) 2014-11-13 2018-07-03 Blackberry Limited Application assignment reconciliation and license management
WO2018179225A1 (en) * 2017-03-30 2018-10-04 株式会社オプティム Computer system, license management method and program
US10320556B2 (en) * 2016-01-25 2019-06-11 Ping An Technology (Shenzhen) Co., Ltd. Method, mobile terminal, device, and readable storage medium for preventing accessed data from being tampered with
US10320611B2 (en) * 2017-10-04 2019-06-11 Servicenow, Inc. Guided configuration item class creation in a remote network management platform
US20200394284A1 (en) * 2018-02-13 2020-12-17 Sony Corporation Electronic device, information processing apparatus, information processing method, program, and information processing system
US20210218722A1 (en) * 2017-11-01 2021-07-15 Citrix Systems, Inc. Dynamic crypto key management for mobility in a cloud environment
US11113366B2 (en) * 2017-06-06 2021-09-07 Infosys Limited Cryptographic mechanisms for software setup using token-based two-factor authentication
US20210390645A1 (en) * 2020-06-16 2021-12-16 OSAAP America, LLC Offline License Distribution Device
US11336524B2 (en) * 2017-10-04 2022-05-17 Servicenow, Inc. Guided configuration item class creation in a remote network management platform
US11379560B2 (en) * 2019-03-18 2022-07-05 ServiceNow Inc. Systems and methods for license analysis
US20230126059A1 (en) * 2021-10-22 2023-04-27 Sap Se Development landscape build system
CN116451182A (en) * 2023-04-27 2023-07-18 芯华章科技(深圳)有限公司 Method, apparatus and storage medium for managing license

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8370416B2 (en) * 2006-04-26 2013-02-05 Hewlett-Packard Development Company, L.P. Compatibility enforcement in clustered computing systems
US20090205021A1 (en) * 2007-11-09 2009-08-13 Corbis Corporation Management of rights clearance negotiations and brokering over a network
US8589264B2 (en) 2009-10-19 2013-11-19 International Business Machines Corporation Token licensing mapping costs to enabled software tool features
JP4909431B2 (en) * 2010-05-14 2012-04-04 株式会社エヌ・ティ・ティ・ドコモ License issuing system, client terminal, server, and license issuing method
US9077745B1 (en) 2010-08-04 2015-07-07 Saint Corporation Method of resolving port binding conflicts, and system and method of remote vulnerability assessment
US8904174B2 (en) 2011-03-22 2014-12-02 International Business Machines Corporation System, method and computer program product for product license management
US10701141B2 (en) * 2016-06-30 2020-06-30 International Business Machines Corporation Managing software licenses in a disaggregated environment
US10146518B1 (en) * 2017-05-25 2018-12-04 Dell Products L.P. Smart retention policy appliance for legal compliance

Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5138712A (en) * 1989-10-02 1992-08-11 Sun Microsystems, Inc. Apparatus and method for licensing software on a network of computers
US5553143A (en) * 1994-02-04 1996-09-03 Novell, Inc. Method and apparatus for electronic licensing
US5615269A (en) * 1996-02-22 1997-03-25 Micali; Silvio Ideal electronic negotiations
US5671412A (en) * 1995-07-28 1997-09-23 Globetrotter Software, Incorporated License management system for software applications
US5790664A (en) * 1996-02-26 1998-08-04 Network Engineering Software, Inc. Automated system for management of licensed software
US6189145B1 (en) * 1997-05-28 2001-02-13 International Business Machines Corporation Concurrent patch to logical partition manager of a logically partitioned system
US6260141B1 (en) * 1997-09-19 2001-07-10 Hyo Joon Park Software license control system based on independent software registration server
US20020091645A1 (en) * 2000-12-20 2002-07-11 Kagemoto Tohyama Software licensing system
US6574612B1 (en) * 1999-02-19 2003-06-03 International Business Machines Corporation License management system
US20050049973A1 (en) * 2003-09-02 2005-03-03 Read Mark A. Method and program for automated management of software license usage by monitoring and disabling inactive software products
US20050102240A1 (en) * 1998-03-18 2005-05-12 Microsoft Corporation System and method for software licensing
US6901386B1 (en) * 2000-03-31 2005-05-31 Intel Corporation Electronic asset lending library method and apparatus
US7013294B1 (en) * 1997-07-15 2006-03-14 Shinko Electric Industries Co., Ltd. License management system
US7111161B2 (en) * 2003-02-03 2006-09-19 Hitachi, Ltd. Common storage system shared by one or more computers and information processing system having the same

Patent Citations (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5138712A (en) * 1989-10-02 1992-08-11 Sun Microsystems, Inc. Apparatus and method for licensing software on a network of computers
US5553143A (en) * 1994-02-04 1996-09-03 Novell, Inc. Method and apparatus for electronic licensing
US5671412A (en) * 1995-07-28 1997-09-23 Globetrotter Software, Incorporated License management system for software applications
US5615269A (en) * 1996-02-22 1997-03-25 Micali; Silvio Ideal electronic negotiations
US5790664A (en) * 1996-02-26 1998-08-04 Network Engineering Software, Inc. Automated system for management of licensed software
US6189145B1 (en) * 1997-05-28 2001-02-13 International Business Machines Corporation Concurrent patch to logical partition manager of a logically partitioned system
US7013294B1 (en) * 1997-07-15 2006-03-14 Shinko Electric Industries Co., Ltd. License management system
US6260141B1 (en) * 1997-09-19 2001-07-10 Hyo Joon Park Software license control system based on independent software registration server
US20050102240A1 (en) * 1998-03-18 2005-05-12 Microsoft Corporation System and method for software licensing
US6574612B1 (en) * 1999-02-19 2003-06-03 International Business Machines Corporation License management system
US6901386B1 (en) * 2000-03-31 2005-05-31 Intel Corporation Electronic asset lending library method and apparatus
US20020091645A1 (en) * 2000-12-20 2002-07-11 Kagemoto Tohyama Software licensing system
US7111161B2 (en) * 2003-02-03 2006-09-19 Hitachi, Ltd. Common storage system shared by one or more computers and information processing system having the same
US20050049973A1 (en) * 2003-09-02 2005-03-03 Read Mark A. Method and program for automated management of software license usage by monitoring and disabling inactive software products

Cited By (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140337987A1 (en) * 2007-02-01 2014-11-13 Microsoft Corporation Secure serial number
US9292665B2 (en) * 2007-02-01 2016-03-22 Microsoft Technology Licensing, Llc Secure serial number
US8566960B2 (en) 2007-11-17 2013-10-22 Uniloc Luxembourg S.A. System and method for adjustable licensing of digital products
US20110131115A1 (en) * 2008-06-17 2011-06-02 Sony Computer Entertainment Inc. Information processing device
US10748208B2 (en) * 2008-06-17 2020-08-18 Sony Interactive Entertainment Inc. Scheme for processing rental content in an information processing apparatus
US20100088413A1 (en) * 2008-10-02 2010-04-08 Sony Corporation License managing apparatus, license managing method, and license managing system
WO2010111165A1 (en) * 2009-03-24 2010-09-30 Snap-On Incorporated System and method for rendering a set of program instructions as executable or non-executable
US9880819B2 (en) 2009-06-03 2018-01-30 Apple Inc. Methods and apparatuses for a compiler server
US9946873B2 (en) * 2009-06-03 2018-04-17 Apple Inc. Methods and apparatuses for secure compilation
US20150356292A1 (en) * 2009-06-03 2015-12-10 Apple Inc. Methods and apparatuses for secure compilation
US10489562B2 (en) 2009-06-19 2019-11-26 Uniloc 2017 Llc Modular software protection
US9633183B2 (en) 2009-06-19 2017-04-25 Uniloc Luxembourg S.A. Modular software protection
US20100325200A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Software Activation Through Digital Media Fingerprinting
US20100325149A1 (en) * 2009-06-22 2010-12-23 Craig Stephen Etchegoyen System and Method for Auditing Software Usage
EP2273411A3 (en) * 2009-06-24 2011-08-31 Uniloc Usa, Inc. Systems and methods for determining authorization to operate licensed software based on a client device fingerprint
US8213907B2 (en) 2009-07-08 2012-07-03 Uniloc Luxembourg S. A. System and method for secured mobile communication
US20110009092A1 (en) * 2009-07-08 2011-01-13 Craig Stephen Etchegoyen System and Method for Secured Mobile Communication
US20110072522A1 (en) * 2009-09-22 2011-03-24 Vikram Koka System and Method for Capacity Licensing
US8850607B2 (en) * 2009-09-22 2014-09-30 Flexera Software Llc System and method for capacity licensing
US8850605B2 (en) 2009-09-22 2014-09-30 Flexera Software Llc System and method for capacity licensing
US8601540B2 (en) * 2009-10-07 2013-12-03 International Business Machines Corporation Software license management
US20110083177A1 (en) * 2009-10-07 2011-04-07 International Business Machines Corporation Software license management
US20120185593A1 (en) * 2009-11-23 2012-07-19 Zhongwen Zhu License redistributing method, moderator and license controlling system thereof
US8966086B2 (en) * 2009-11-23 2015-02-24 Telefonaktiebolaget Lm Ericsson (Publ) License redistributing method, moderator and license controlling system thereof
US8745375B2 (en) 2009-12-14 2014-06-03 International Business Machines Corporation Handling of the usage of software in a disconnected computing environment
US20110145568A1 (en) * 2009-12-14 2011-06-16 International Business Machines Corporation Handling of the usage of software in a disconnected computing environment
US8375460B2 (en) * 2010-03-30 2013-02-12 Hon Hai Precision Industry Co., Ltd. Electronic device and method of protecting software
US20110247085A1 (en) * 2010-03-30 2011-10-06 Hon Hai Precision Industry Co., Ltd. Electronic device and method of protecting software
US8874891B2 (en) 2010-05-20 2014-10-28 Hewlett-Packard Development Company, L.P. Systems and methods for activation of applications using client-specific data
WO2012127223A2 (en) 2011-03-22 2012-09-27 Centrix Networking Limited Computer system and method
US9213676B2 (en) * 2012-02-02 2015-12-15 Dialogic Incorporated Hardware device name resolution for deterministic configuration in a network appliance
US20130204987A1 (en) * 2012-02-02 2013-08-08 Ritesh H. Patani Hardware device name resolution for deterministic configuration in a network appliance
US20150336005A1 (en) * 2014-05-20 2015-11-26 Cadillac Jack Electronic gaming system with central game licensing
CN104123482A (en) * 2014-07-08 2014-10-29 攀钢集团攀枝花钢钒有限公司 Method for generating machine code and registration code and method for software registration and function limiting
US10015279B2 (en) 2014-11-13 2018-07-03 Blackberry Limited Application assignment reconciliation and license management
EP3062254A1 (en) * 2015-02-26 2016-08-31 BlackBerry Limited License management for device management system
US9600810B2 (en) 2015-02-26 2017-03-21 Blackberry Limited License management for device management system
US10320556B2 (en) * 2016-01-25 2019-06-11 Ping An Technology (Shenzhen) Co., Ltd. Method, mobile terminal, device, and readable storage medium for preventing accessed data from being tampered with
US11061995B2 (en) 2017-03-30 2021-07-13 Optim Corporation Computer system, license management method and program
WO2018179225A1 (en) * 2017-03-30 2018-10-04 株式会社オプティム Computer system, license management method and program
JPWO2018179225A1 (en) * 2017-03-30 2019-04-04 株式会社オプティム Computer system, license management method and program
CN110366724A (en) * 2017-03-30 2019-10-22 株式会社OPTiM Computer system, licence managing method and program
US11113366B2 (en) * 2017-06-06 2021-09-07 Infosys Limited Cryptographic mechanisms for software setup using token-based two-factor authentication
US11336524B2 (en) * 2017-10-04 2022-05-17 Servicenow, Inc. Guided configuration item class creation in a remote network management platform
US11108635B2 (en) * 2017-10-04 2021-08-31 Servicenow, Inc. Guided configuration item class creation in a remote network management platform
US10742504B2 (en) * 2017-10-04 2020-08-11 Servicenow, Inc. Guided configuration item class creation in a remote network management platform
US10320611B2 (en) * 2017-10-04 2019-06-11 Servicenow, Inc. Guided configuration item class creation in a remote network management platform
US20220278898A1 (en) * 2017-10-04 2022-09-01 Servicenow, Inc. Guided configuration item class creation in a remote network management platform
US11627120B2 (en) * 2017-11-01 2023-04-11 Citrix Systems, Inc. Dynamic crypto key management for mobility in a cloud environment
US20210218722A1 (en) * 2017-11-01 2021-07-15 Citrix Systems, Inc. Dynamic crypto key management for mobility in a cloud environment
US11693929B2 (en) * 2018-02-13 2023-07-04 Sony Corporation Electronic device, information processing apparatus, information processing method, and information processing system
US20200394284A1 (en) * 2018-02-13 2020-12-17 Sony Corporation Electronic device, information processing apparatus, information processing method, program, and information processing system
US11379560B2 (en) * 2019-03-18 2022-07-05 ServiceNow Inc. Systems and methods for license analysis
US20210390645A1 (en) * 2020-06-16 2021-12-16 OSAAP America, LLC Offline License Distribution Device
US20230126059A1 (en) * 2021-10-22 2023-04-27 Sap Se Development landscape build system
US11861363B2 (en) * 2021-10-22 2024-01-02 Sap Se Development landscape build system
CN116451182A (en) * 2023-04-27 2023-07-18 芯华章科技(深圳)有限公司 Method, apparatus and storage medium for managing license

Also Published As

Publication number Publication date
US20090177740A1 (en) 2009-07-09
US8069119B2 (en) 2011-11-29

Similar Documents

Publication Publication Date Title
US8069119B2 (en) System and method for software license management for concurrent license management and issuance
CA2874189C (en) Cyber security analzer
US20070180490A1 (en) System and method for policy management
Ellison et al. Evaluating and mitigating software supply chain security risks
US20070198427A1 (en) Computer service licensing management
US20070233538A1 (en) Systems, methods, and apparatus to manage offshore software development
US20070198428A1 (en) Purchasing of computer service access licenses
US20040088560A1 (en) Secure system access
JP2005503596A (en) Resource sharing system and method
US11216423B2 (en) Granular analytics for software license management
EP3835978A1 (en) Software license manager
US20070240223A1 (en) Systems, methods, and apparatus to manage offshore software development
JP2005092649A (en) Digital data installation system, digital data installation method, program, and recording medium with program recorded thereon
US11593463B2 (en) Execution type software license management
Purba et al. Assessing Privileged Access Management (PAM) using ISO 27001: 2013 Control
US20210182364A1 (en) Software license manager security
Braithwaite Securing e-business systems: A guide for managers and executives
US20220353267A1 (en) Framework for automated operator access to infrastructure in a cloud service
Carruthers Account Security
Julbe Moya Information technology audit principles applied to risk assessment in the infrastructure layer
Scanlon World Wide Web Application Security
Carlsson Developing an efficient software protection and licensing scheme
Fitzgerald Security and data integrity for LANs and WANs
Turnbull Hardening the Basics
Buecker et al. IBM Tivoli Security Compliance Manager

Legal Events

Date Code Title Description
STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION