US20080244754A1 - System and Method for Software License Management for Concurrent License Management and Issuance - Google Patents
System and Method for Software License Management for Concurrent License Management and Issuance Download PDFInfo
- Publication number
- US20080244754A1 US20080244754A1 US11/695,338 US69533807A US2008244754A1 US 20080244754 A1 US20080244754 A1 US 20080244754A1 US 69533807 A US69533807 A US 69533807A US 2008244754 A1 US2008244754 A1 US 2008244754A1
- Authority
- US
- United States
- Prior art keywords
- license
- server
- computer
- client
- software
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 66
- 230000008569 process Effects 0.000 claims description 31
- 230000004044 response Effects 0.000 claims description 9
- 238000004458 analytical method Methods 0.000 claims description 8
- 238000011156 evaluation Methods 0.000 claims description 8
- 238000012544 monitoring process Methods 0.000 claims description 7
- 238000012545 processing Methods 0.000 claims description 6
- 238000012419 revalidation Methods 0.000 claims description 6
- 238000010200 validation analysis Methods 0.000 claims description 6
- 230000003993 interaction Effects 0.000 claims description 5
- 238000013475 authorization Methods 0.000 claims description 3
- 230000000977 initiatory effect Effects 0.000 claims description 3
- 238000013515 script Methods 0.000 claims description 3
- 230000000737 periodic effect Effects 0.000 claims description 2
- 238000011176 pooling Methods 0.000 claims description 2
- 230000006870 function Effects 0.000 description 10
- 238000009434 installation Methods 0.000 description 4
- 238000012827 research and development Methods 0.000 description 4
- 230000007123 defense Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000004224 protection Effects 0.000 description 2
- 230000003466 anti-cipated effect Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005538 encapsulation Methods 0.000 description 1
- PWPJGUXAGUPAHP-UHFFFAOYSA-N lufenuron Chemical compound C1=C(Cl)C(OC(F)(F)C(C(F)(F)F)F)=CC(Cl)=C1NC(=O)NC(=O)C1=C(F)C=CC=C1F PWPJGUXAGUPAHP-UHFFFAOYSA-N 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000003032 molecular docking Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000026676 system process Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2147—Locking files
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
Definitions
- the present invention relates generally to a system and method for software license management. More specifically the present invention relates to a system and method for software license management for concurrent license management and license issuance.
- the present invention is method and system for software license management. Many other software license management systems are taught or known in the prior art, but each has their own respective shortcomings on which the present invention improves or eliminates in addition to the additional elements taught by the present invention.
- U.S. Pat. No. 7,013,294 discloses a license management system for software which drives a single computer or a plurality of computers including: an application program for requesting a decision of the number of license which it needs to drive itself and for receiving issuance of the license; a number of license decision unit for determining the necessary number of licenses in accordance with the request from the application program; and a license management unit for issuing the number of licenses which was determined by the number of license decision unit. According to this invention, it is possible to provide a license management system enabling issuance of a license in which the sales strategy of a software maker was considered.
- U.S. Pat. No. 6,574,612 a method and system for providing flexibility to a license management system is disclosed.
- This license management system permits the concurrent use of multiple copies of a software program over a network comprising a plurality of client workstations, each client workstation having a copy of the software program installed thereon requiring an authorization from one of a plurality of license servers each time the software program is used.
- the license management system requires that at least the integer majority of the plurality of license servers is active at any time. This method and system allows a change to the number of license servers, but imposes several limitations.
- U.S. Pat. No. 5,138,712 teaches a software application wherein the verification and license check out functions which are normally performed by a license server of a network software license system.
- the encrypted license information is contained in a license token, and is sorted in the database controlled by the license server.
- the license server In contrast to the prior art where the license server either grants or denies the request after verifying the user's credentials, the license server here finds the correct license token for the software application and transmits the license token to the licensing library.
- U.S. Pat. No. 5,553,143 allows for the electronic management and enforcement of software licenses used only in a network or non-network environment to facilitate product licensing and upgrades. Further, it only accommodates the use of compact disc read-only memory (CD ROM) product distribution.
- CD ROM compact disc read-only memory
- U.S. Pat. No. 5,671,412 teaches an improved software license management system wherein a license server initializes a license database by receiving a package license description that includes component license descriptions for component software products in a package.
- a client computer system can request a license for a component product in a package.
- a license is granted to the client when the client is allowed to receive the license according to a license policy.
- U.S. Pat. No. 6,189,145 teaches a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity. When a company wants a software license, it sends a purchase request (and appropriate fee) to the licensing clearinghouse.
- the license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses.
- U.S. Pat. No. 6,260,141 teaches a software license control system based on independent software registration servers.
- the registration servers are open to all software manufacturers.
- a software product asks the user software license control program whether the user has a usage license for the software product.
- the user license control program checks the license file, received from a software registration server, and answers the software product.
- U.S. Patent Application Publication 20020091645 discloses a licensing system comprising an application information database into which a license management server machine stores a license menu containing a function, a term and a number of times and the like for which usage may be approved with respect to software to be usage-approved.
- a user terminal is capable of accessing the application information database via an Internet network. Therefore, according to this system o, a software license granting technique is provided in which a range of software licensing choices is expanded so that various user needs can be met even with the same single software, and unlawful copying of the software that is approved for use by the user can be eliminated.
- U.S. Patent Application Publication 20050102240 discloses a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity.
- a company wants a software license, it sends a purchase request and appropriate fee to the licensing clearinghouse.
- the license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses.
- the license generator digitally signs the license pack and encrypts it with the license server's public key.
- the license server is responsible for distributing the software licenses from the license pack to individual clients.
- the license server determines the client's operating system platform and grants the appropriate license.
- the license server digitally signs the software license and encrypts it using the client's public key.
- the license is stored locally at the client.
- the system of the present invention is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it. Because this software is a target of “hackers” it must have defenses beyond the ordinary for protecting itself against those who seek to destroy its ability to perform its job of guarding software usage rights as defined by the software company that employs the system of the present invention to safeguard their software. To this end the system of the present invention will always employ the strongest security schema available to it based on the circumstances of the environment in which it is running. To ensure the highest degree of protection the system is designed with multiple layers of security that act independently of the others. While no system is completely secure, the intent of this design is to make the cost of breaking into the system so high as to be impractical.
- LMS License Management System
- LC License Client
- LS License Server
- NLM Network License Manager
- LMS License Management System
- LC License Client
- LS License Server
- LMS License Management System
- NLM Network License Manager
- the present invention is method and system for software license management that is recorded on computer-readable medium and capable of execution by a computer.
- the License Management System is comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM). For the system to function the LC and LS are required.
- the NLM exists to facilitate and manage concurrent license usage.
- the main patentable elements focus on the concurrent license management and method of license issuance.
- the License Server and Network License Manager both provide an API to allow end users to write scripts to implement business rules in the decision making process at critical events in the registration, issuance, or usage of a license or customer.
- the License Server and Network License Manager both provide an API to allow end users to extend the functionality of the license server and/or network license manager over multiple platform such as Windows operating systems, Unix, Linux, Mac OSX, Solaris, Various cell phone operating systems and various gaming systems such as Sony's PlayStation, Nintendo gaming systems, and Microsoft's Xbox gaming systems with real time notification when the license expires.
- the license client provides facilities to run multiple licenses concurrently to enable complex licensing criterion.
- the License Server and Network License Manager user interfaces provide a graphical method to implement logical business rules.
- the License Server allows licenses to be revoked or suspended after issuance.
- the Network License Manager provides encapsulations of a set of licenses in a logical container, named a license pool.
- Each pool has a set of configurable attributes that are applied to all licenses contained in that pool. These attributes allow for: the permanent license assignment, online or offline usage of a license, configurable number of missed license to NLM check ins before the license disables itself, and allow or disallow other pools to use a configurable number of licenses in the event that the other pool runs out of available licenses.
- FIG. 1 is a conceptual view of the licensing system of the present invention
- FIG. 2 is a flow chart illustrating Business Rules Callback Processing of the present invention
- FIG. 3 is a flow chart of the process of the Client Side of the present invention.
- FIG. 4 is a flow chart of the process of the Server Side of the present invention.
- FIGS. 5 a and 5 b are flow charts of the process of the Client Side of the present invention.
- FIG. 6 is a flow chart of the process of the Network License Manager of the present invention.
- FIG. 7 is a flow chart of the process of the Network License Manager and Client of the present invention.
- FIG. 8 is a flow chart of the process of the Server and Client of the present invention.
- FIG. 9 is a screen shot of the GUI of the present invention showing the customer editor
- FIG. 10 is a screen shot of the GUI of the present invention showing the user editor
- FIG. 11 is a screen shot of the GUI of the present invention showing the server's general configuration editor
- FIG. 12 is a screen shot of the GUI of the present invention showing the overall cluster configuration
- FIG. 13 is a screen shot of the GUI of the present invention showing the cluster node configuration
- FIG. 14 is a screen shot of the GUI of the present invention showing the product editor.
- the Licensing System 1 of the present invention is recorded on computer-readable medium and capable of execution by a computer and is comprised of three modules the interact via a multi-user network 14 such as the Internet. These modules are the License Client (LC) 13 , the License Server (LS) 6 , and the Network License Manager (NLM) 15 . For the licensing system to function the License Client 13 and License Server are required. In an alternative embodiment, the Network License Manager 15 exists to facilitate and manage concurrent license usage.
- LC License Client
- LS License Server
- NLM Network License Manager
- the License Server 6 further consists the following additional components: an identity management system 2 , database interference subsystem 3 , web server 4 , server clustering subsystem 5 , license issuance subsystem 96 and license validation subsystem 97 .
- the license manager 15 is further comprised of the following additional components: an identity management subsystem 20 , database interference subsystem 17 , web server 18 , server clustering subsystem 19 , license pooling subsystem 7 , license validation subsystem 8 , and license monitoring subsystem 9 .
- the Client 13 is further comprised of the following additional components: an identity management subsystem 12 , license validation subsystem 10 , and license monitoring system 11 .
- a message is defined as an XML document that conforms to a specific predefined schema. Each message is encrypted and signed for security and authentication purposes. A message is most often transmitted and received via an HTTP or HTTPS connection, although in a few special circumstances a message can be transferred from one component to another via the use of a file.
- FIG. 2 a flow chart illustrating the business rules callback processing of the present invention.
- Business rules callback processing is accomplished via one of three options.
- the License Server/Network License Manager starts, it reads a directive named “BusinessRule” from the configuration file.
- This directive can have four values which are “UserCompiled”, “Java”, “DotNet”, or “NotImplemented”. In the case of “NotImplimented” the function will simply return immediately.
- the Client Side/User Interface 96 consists of three routines, the first is the writing of .NET code to the user interface (UI) 98 , which is then compiled 99 and uploaded 100 to the server 97 and its compiled .NET assembly 110 ; the second is the writing of the C/C++ code to the UI 106 , compiled 108 , and then uploaded as a shared library or dll file to the server 107 and its compiled C/C++ object 109 ; and the third is the writing of the java code 101 , which is then compiled 102 and uploaded to the server 103 and its Java class file 116 .
- UI user interface
- a server request is first received from a license client 104 , which triggers a callback function 113 .
- the configuration file next indicates that the server should use Java code 114 and then uses a Business Rule Directive from the configuration file to determine if it should continue to use Java or switch to User Compiled or .NET to further process the request 115 .
- java is continued the system calls the java class with the serialized request 117 and obtains if from the java class file 116 .
- the serialized request is to be processed via user compiled, the system calls out to the users compiled shared library 111 and obtains the information from the complied C/C++ object 109 .
- the serialized request is to be processed via .NET, then the system calls out to the user's .NET assembly 112 and obtains the information form the compiles .NET assembly 110 .
- FIG. 3 is a flow chart of the process of the Client Side of the present invention.
- An external request as shown by continuation point “D” 83 starts 21 the client side process.
- the first step is to select a client 22 and a request for the local license and customer registration 24 is sent to the license server 25 , denoted as continuation point “C” 81 .
- the license server 25 denoted as continuation point “C” 81 .
- the client operation selection 22 is to use a local license 26 the system first determines if the license has been tampered with 29 . If tampering has occurred an error message 30 is returned and the operation stops. If the license has not been tampered with 29 a second check is made to ensure the license has not expired 28 , if expired an error message 30 is returned and the operation stops. If the license has not been tampered with and has not expired it is okay to use 27 and system returns to its start position 21 .
- FIG. 4 a flow chart of the process on the Server Side of the present invention is illustrated.
- the server side will be initiated from either a request for the local license and customer registration 24 received, denoted as continuation point “C” 81 or from an electronically transmitted file to a customer service representative, denoted as continuation point “B” 82 .
- a request type is first determined 36 and the system process the license request and determines if the customer is registered 32 in the database 38 . If the customer is not registered a certificate and customer's public key is issued 39 and sent to the client 42 , the customer is registered 40 and the analysis of the license continues 33 .
- the system will also determine if the server handles the product of the license request 31 , and if so, will continue its analysis, but if not, it will return a response indicating such 37 to the client 42 . If the server does handle the product and the customer is registered, the system places a call to the end user business rules script 34 and determines if the request has been rejected 35 . If the request has been rejected a message will be sent to the client 42 , and if not a determination on whether a license can be issued 41 and the answer returned to the client 42 .
- Valid license types issued by the system of the present invention includes: unrestricted, limited time evaluation, limited runs evaluation, software lease, and count uses.
- the unrestricted license type which places no restrictions on how long the user of the license may continue to use the software.
- the Limited Time Evaluation wherein the license will evaluate the License Time Duration, License Time Unit, and License Timer Start variables to create a time span that the license will then compare against the current system time to determine if the license time period has been exceeded, and as such expire itself.
- the license will check the current system time against the Last Used Date property and validate that the current system time is not earlier than the Last Used Date property. Once validated the Last Used Date will be updated to the current system time.
- the system may also incorporate a License Monitor to act as a monitoring process for all licenses in use by clients. If a periodic client license check-in is required for a license or a number of licenses, then this function will monitor the statistics updated by the Update Client Usage Info method. If those statistics exceed allowed values then the license will be declared an orphan and be reclaimed by the NLM. Exceeded statistics means, for example, that the license checked out by the client required that the client call the NLM every five minutes to update the NLM that the client was still alive and active and using the license, and that it could only miss two check-in cycles. If the License Monitor found that the last checking time for the client was ten minutes and one second, then the license would be declared orphaned and reclaimed. Production statistics and real-time monitoring will be on the order of milliseconds, not minutes and seconds.
- the Limited Runs Evaluation combines the Number Of Allowed Runs property with the License Run Count property to determine if the license has expired.
- the Software Lease checks that two conditions are valid before proceeding.
- the first condition to be checked is to ensure that the current system date is greater than or equal to the License Valid Star Time property. In the case that the current system time is less than the valid start time the license will return an error message.
- the second condition to be checked is to ensure that the current system time is less than or equal to the License Valid End Time property. If the current system time is greater than the License Valid End Time property the license will return an error message.
- the current system time is greater than the License Valid End Time property the license will return an error message.
- FIGS. 5 a and 5 b flow charts illustrating of the process of the Client Side of the present invention are shown.
- the system immediately and directly access the network license manager 15 , denoted as continuation point “E” 85 , for the analysis of the request type 46 and additional process steps of the network license manager 15 .
- continuation point “E” 85 the network license manager 15
- a return message is sent to the client 56 , denoted as continuation point “F” 86 that is delivered to client 13 , denoted as continuation point “A” 84 .
- FIG. 6 is a flow chart of the process of the Network License Manager of the present invention.
- the network license manager (NLM) is a server that sits on a customer's network and handles the management of concurrent network licenses.
- NLM network license manager
- One of the fundamental architectural organizations of this server is the concept of license pools.
- a license pool is a group of licenses that are controlled and allowed to be used based on a set of configuration parameters.
- Company XYZ has an NLM installed on its intranet.
- Three different departments in XYZ have purchased licenses for the same software product, but the funds have come from department budgets rather than an overall company budget. Because of this the Sales and Marketing department does not want the Research and Development department, who have a much higher demand for the limited number of licenses using all of Sales and Marketing's licenses when Sales and Marketing needs to use the software.
- the Administration department has a number of licenses but does not typically use them often, but must have access to the software when they need it.
- license pools there are three license pools. One each for Administration, Sales and Marketing, and Research and Development. Because R&D was getting the username and password for the Sales department's license pool, the Sales department has set the authentication level of their pool of licenses to require registration with the NLM and use the NLM issued PKI X.509 certificate for authentication against the pool before a license may be used by the requester. Sales has also set their maximum number of licenses that may be used in overflow requests to zero effectively turning off the overflow participation of their pool.
- the Research and Development department's pool has basic username/password authentication, as is the Administration's pool. More over the Administration's pool has their maximum number of licenses that may be used in overflow requests set to minus one ( ⁇ 1) which means that all licenses in the pool are available to overflow requests.
- the analysis of the request type 46 is initiated.
- a check to determine if the customer is registered is run 53 . If the customer is not registered a certificate and customer's public key is issued 54 and sent to the client 56 , and the customer is registered 55 . Concurrently, the license is checked 47 for valid credentials 48 and caller permission to check out the license 48 . If the license is invalid 57 or the caller has no rights 58 , a message is sent to the client 56 . Next a check is done to determine if the license pool has any available licenses 50 and if so a valid license is marked in use and returned to the client 52 in a message 56 .
- an overflow pool is checked for available licenses. If an overflow pool license is available a valid license is marked in use and returned to the client 52 in a message 56 . If no overflow pool license is available a message stating such 59 is returned to the client 56 .
- FIG. 7 a flow chart of the process of the Network License Manager 70 and Client 69 of the present invention are illustrated.
- a check of the response is started 60 . If the response is based on invalid credentials, no rights, or no available license an error message is returned to the user 61 . If the response is valid and a license is returned, the license is added to the active license list 62 and the time cycle is started in the license revalidation timer 63 . When the timer cycle expires the first step is to determine if the license has expired since the last check 64 .
- the next step is to determine if the network license manager can be contacted 65 . If the NLM can not be contacted, then a check is run to determine if the maximum number of missed NLM updates limit has been exceeded 66 , if not the process returns to the revalidation timer 63 , if it has been exceeded an error message is returned to the user 67 . If the NLM is contacted, then a check to determine if the license has been reclaimed by the NLM is run 68 . If the NLM has reclaimed the license an error message is returned to the user 61 , if not the process returns to the revalidation timer 63 .
- FIG. 8 is a flow chart of the process of the Server 72 and Client 71 of the present invention when a customer service representative or other human interaction is required by a user during the process of the system of the present invention.
- a request is made by file 75 or an offline key request is submitted 77 .
- the file request 75 is followed by a license request 76 made by a file that is electronically transmitted to a customer service representative 78 who then accesses the server, denoted as continuation point “B” 82 which results in the issuance of an offline license via file transactions.
- an offline key request 77 may be provided to a customer service representative 78 by the user 98 so that the customer service representative 78 can input the client key and license parameters 79 and process offline the key request and generate and offline authorization code 80 that is then provided to the user 98 .
- This system is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it.
- this software is a target of “hackers” it must have defenses. Measures to disable the system of the present invention that have been taken into account by this document.
- One strategy for disabling the present invention is by replacing the DLL libraries.
- the present invention requires that the present invention DLLs be digitally signed. This signature can then be compared by the employing application and validated that the signature of the DLL it is using matches the known-good signature.
- Another method would be the manually writing of a license and feeding it into the present invention system, or altering an existing license.
- the system of the present invention requires license encryption i to prevent knowledge of the format of the license.
- licenses are signed by the present invention's License Server (LS) that issues them.
- This LS is also registered with the present invention License Client (LC) that requested the license.
- Included in this LS registration information is the server's encryption and signature public keys in the form of X.509 digital certificates.
- Each time the license is used the license's signature is validated against the server's signature X.509 certificate to ensure that the license has been issued by a valid LS.
- the license may call the issuing LS to ensure that it is still valid and has not been revoked. Should the call to the server fail the application will be notified of this via the programming construct of an event.
- different cryptographic methodologies and cryptographic keys are used in the various stages of the license issuance process.
- the client database contains unique data about the machine that the software is running on. Specifically the hard drive manufacturer's serial number for each of the drives installed in the computer and the MAC address of each of the computer's NIC cards. Each time the software is run the software will validate that the equipment that it is running on matches the data it has stored in it's database.
- Another potential opening is the turning back of the system clock to perpetually stay within the license's allowed validity time when using a “software lease” or “restricted by time” license.
- Each time a license of this type is used the current system time is checked against the last used system time. If the current system time is greater than the last used system time the last used system time is updated to the current time.
- the user interface is comprised of panes in four docking areas of the screen.
- a first area holds the explorer components 98 that are navigational in nature.
- a second area holds the editor components 89 .
- the editor components are, as their name implies, used to create, edit, or remove information. Depending on the control this may be done via textual editing, or graphical composition such as report designer and workflow editor.
- a third area 90 holds the property editor and palette window, the palette windows is primarily used in the graphical composition editors.
- a fourth area displays the output of activities such as compiling a report.
- the server explorer is the primary navigation tool of the desktop GUI and is comprised of servers registered with the IDE and belonging to two categories, The present invention License Servers and Network License Managers. These registered servers are displayed in a JTree control.
- the root node of the tree is labeled “The present invention Servers”. This root node contains 2 child nodes. The first of these child nodes is labeled “The present invention License Servers” and contains 0 . . . n child nodes, one for each of the license servers registered with the IDE. The second of theses child nodes is labeled “The present invention Network License Managers” and contains 0 . . . n child nodes, one for each of the network license manager servers registered with the IDE. In both cases the present invention's License Servers and the present invention's Network License Managers, the default text of the tree node is the same as the machine name of the registered server, however this label can be changed to an end-user defined value.
- Sub-nodes common to both the “The present invention License Servers” node and the “The present invention Network License Servers” node are the “Customers”, “Reports”, “Users”, and “Application Configuration” nodes.
- the “The present invention License Servers” sub-node also has 2 sub-nodes that are unique to the “The present invention License Servers” node. These two sub-nodes are the “Products” sub-node and the “Pending License Requests” sub-node.
- the “The present invention Network License Servers” sub-node also has 2 sub-nodes unique to it. These subnodes are the “License Pools” sub-node and the “Orphaned Licenses” sub-node.
- This section enumerates the actions that the GUI takes when individual tree nodes are clicked upon.
- License Servers node is left clicked, the “License Server List” editor is displayed in the editors pane of the GUI.
- Network License Management Servers node is left clicked, the “Network License Management Servers List” editor is displayed in the editors pane of the GUI.
- Specific When a specific the present invention license server is selected from the list of the present invention license servers listed as children of the “The present invention License Servers” node, the “The present invention License Server” editor is launched and populated with the details of the server selected in the tree.
- the “The present invention Network License Management Server” editor When a specific the present invention network license management server is selected from the list of the present invention license servers listed as children of the “The present invention Network License Management Servers” node, the “The present invention Network License Management Server” editor is launched and populated with the details of the server selected in the tree.
- the Customers Editor When a “Customers” node directly under a specific server is clicked, the Customers Editor is launched in the editors pane of the GUI and the customer list of the Customers Editor is populated with the customers registered with the specific server.
- a “Users” node directly under a specific server is clicked, the Users Editor is launched in the editors pane of the GUI and the user list of the Users Editor is populated with the users registered with the specific server.
- the TCP/IP Settings Editor When a “TCP/IP Settings” node under a specific server is clicked, the TCP/IP Settings Editor is launched in the editors pane of the GUI and the TCP/IP settings for the selected server are populated in the editor.
- the Security Settings Editor When a “Security Settings” node under a specific server is clicked, the Security Settings Editor is launched in the editors pane of the GUI and the Security settings for the selected server are populated in the editor.
- the Logging Settings Editor When a “Logging Settings” node under a specific server is clicked, the Logging Settings Editor is launched in the editors pane of the GUI and the Logging settings for the selected server are populated in the editor.
- the Database Settings Editor When a “Database Settings” node under a specific server is clicked, the Database Settings Editor is launched in the editors pane of the GUI and the Database settings for the selected server are populated in the editor.
- the License Pools Editor When a “License Pools” node directly under a specific server is clicked, the License Pools Editor is launched in the editors pane of the GUI and the customer list of the License Pools Editor is populated with the customers registered with the specific server.
- the Orphaned Licenses When a “Orphaned Licenses” node directly under a specific server is clicked, the Orphaned Licenses Editor is launched in the editors pane of the GUI and the customer list of the Orphaned Licenses Editor is populated with the customers registered with the specific server.
- the business rules tree node When the business rules tree node is clicked the system opens one of two different editor windows.
- scripting language is Java then a Java editor window that has the event functions already setup. If the scripting language is C++ then a C++ scripting window is opened. If the language is C# or VB or uses COM then the code will need to be written and compiled in Visual Studio, and is thus outside the scope of this IDE, however some mechanism to indicate which language the server should call to run the scripted business rules needs to be included.
- the customer editor 87 is used to enter or edit customer information as well as to view a license history for that customer.
- the editor is comprised of two major sections, which are the customer results grid section 89 and the customer details section 90 .
- the customer details section is further broken down into two sections which are customer information, and the license history.
- FIG. 11 illustrates the Sever General Configuration 89 which is displayed in a second area 92 and is comprised of Timeout and Keep Alive Settings.
- FIGS. 12 and 13 the values in the Cluster Configuration heading 90 and 91 fall under one of two categories. These categories are “Overall Cluster Configuration” 93 and “Cluster Node Configuration” 94 .
- the first of these, Overall Cluster Configuration 93 is represented in FIG. 12 .
- This first category is comprised of five variables which are: Worker Maintenance Interval, Enable Sticky Sessions, Force Sticky Sessions, Load Balance Method, and Memory Locking Method.
- the second category is comprised of eight variable which are: host address, load balancing factor, socket timeout, enable socket keep alive, Request Retries, Connection Pool Size, Minimum Connection Pool Size, and Connection Pool Timeout.
- FIG. 14 illustrates the Product Editor 92 which is displayed in a second area 95 and includes such variables as product name, product version, product system ID, product unique identification information and attribute fields.
- License Server and Network License Manager Server There are 3 possible installation and deployment configurations for the present invention License Server and Network License Manager Server. These three configurations are: stand alone, cluster manager, and cluster worker.
- the Stand Alone configuration installs both the Apache 2.0.x http server with the appropriate The present invention modules as well as the Apache Tomcat Java application server. In addition to these two applications the installation will also write out the appropriate configuration files (i.e. mod_jk.conf, httpd.conf, ssl.conf, nw_firewall.conf, etc).
- the Cluster Manager configuration installs only the Apache 2.0.x http server without the The present invention modules.
- the configuration files that are written are specific to the mod_jk clustering schema. These files are httpd.conf, ssl.conf, nw_firewall.com, mod_jk.conf and workers.properties.
- the Cluster Worker configuration is virtually identical to the Stand Alone installation with the added requirement of informing the Cluster Manager of it's installation and providing its information to the Cluster Manager so that the Cluster Manager may update its configuration with the new worker data.
Abstract
The present invention is a method and system for software license management. The License Management System (LMS) is comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM). For the system to function the LC and LS are required. The NLM exists to facilitate and manage concurrent license usage.
Description
- Not Applicable
- Not Applicable
- Not Applicable
- The present invention relates generally to a system and method for software license management. More specifically the present invention relates to a system and method for software license management for concurrent license management and license issuance.
- The present invention is method and system for software license management. Many other software license management systems are taught or known in the prior art, but each has their own respective shortcomings on which the present invention improves or eliminates in addition to the additional elements taught by the present invention.
- U.S. Pat. No. 7,013,294 discloses a license management system for software which drives a single computer or a plurality of computers including: an application program for requesting a decision of the number of license which it needs to drive itself and for receiving issuance of the license; a number of license decision unit for determining the necessary number of licenses in accordance with the request from the application program; and a license management unit for issuing the number of licenses which was determined by the number of license decision unit. According to this invention, it is possible to provide a license management system enabling issuance of a license in which the sales strategy of a software maker was considered.
- In U.S. Pat. No. 6,574,612 a method and system for providing flexibility to a license management system is disclosed. This license management system permits the concurrent use of multiple copies of a software program over a network comprising a plurality of client workstations, each client workstation having a copy of the software program installed thereon requiring an authorization from one of a plurality of license servers each time the software program is used. For security reasons, the license management system requires that at least the integer majority of the plurality of license servers is active at any time. This method and system allows a change to the number of license servers, but imposes several limitations.
- U.S. Pat. No. 5,138,712 teaches a software application wherein the verification and license check out functions which are normally performed by a license server of a network software license system. The encrypted license information is contained in a license token, and is sorted in the database controlled by the license server. In contrast to the prior art where the license server either grants or denies the request after verifying the user's credentials, the license server here finds the correct license token for the software application and transmits the license token to the licensing library.
- U.S. Pat. No. 5,553,143 allows for the electronic management and enforcement of software licenses used only in a network or non-network environment to facilitate product licensing and upgrades. Further, it only accommodates the use of compact disc read-only memory (CD ROM) product distribution.
- U.S. Pat. No. 5,671,412 teaches an improved software license management system wherein a license server initializes a license database by receiving a package license description that includes component license descriptions for component software products in a package. A client computer system can request a license for a component product in a package. A license is granted to the client when the client is allowed to receive the license according to a license policy.
- U.S. Pat. No. 6,189,145 teaches a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity. When a company wants a software license, it sends a purchase request (and appropriate fee) to the licensing clearinghouse. The license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses.
- U.S. Pat. No. 6,260,141 teaches a software license control system based on independent software registration servers. The registration servers are open to all software manufacturers. On user's computer, a software product asks the user software license control program whether the user has a usage license for the software product. The user license control program checks the license file, received from a software registration server, and answers the software product.
- U.S. Patent Application Publication 20020091645 discloses a licensing system comprising an application information database into which a license management server machine stores a license menu containing a function, a term and a number of times and the like for which usage may be approved with respect to software to be usage-approved. A user terminal is capable of accessing the application information database via an Internet network. Therefore, according to this system o, a software license granting technique is provided in which a range of software licensing choices is expanded so that various user needs can be met even with the same single software, and unlawful copying of the software that is approved for use by the user can be eliminated.
- U.S. Patent Application Publication 20050102240 discloses a software licensing system includes a license generator located at a licensing clearinghouse and at least one license server and multiple clients located at a company or entity. When a company wants a software license, it sends a purchase request and appropriate fee to the licensing clearinghouse. The license generator at the clearinghouse creates a license pack containing a set of one or more individual software licenses. The license generator digitally signs the license pack and encrypts it with the license server's public key. The license server is responsible for distributing the software licenses from the license pack to individual clients. When a client needs a license, the license server determines the client's operating system platform and grants the appropriate license. The license server digitally signs the software license and encrypts it using the client's public key. The license is stored locally at the client.
- Because the system of the present invention is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it. Because this software is a target of “hackers” it must have defenses beyond the ordinary for protecting itself against those who seek to destroy its ability to perform its job of guarding software usage rights as defined by the software company that employs the system of the present invention to safeguard their software. To this end the system of the present invention will always employ the strongest security schema available to it based on the circumstances of the environment in which it is running. To ensure the highest degree of protection the system is designed with multiple layers of security that act independently of the others. While no system is completely secure, the intent of this design is to make the cost of breaking into the system so high as to be impractical.
- Therefore it is an objective of the present invention to teach a License Management System (LMS) is, in a best mode, comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM).
- It is another objective of the present invention to teach a License Management System (LMS) that, in an alternative embodiment only requires a License Client (LC) and License Server (LS) to properly function.
- It is yet another objective of the present invention to teach a License Management System (LMS) further comprised of a Network License Manager (NLM) component that exists to facilitate and manage concurrent license usage and issuance.
- The present invention is method and system for software license management that is recorded on computer-readable medium and capable of execution by a computer. The License Management System (LMS) is comprised of three components. These three components are the License Client (LC), the License Server (LS) and the Network License Manager (NLM). For the system to function the LC and LS are required. The NLM exists to facilitate and manage concurrent license usage. The main patentable elements focus on the concurrent license management and method of license issuance.
- The License Server and Network License Manager both provide an API to allow end users to write scripts to implement business rules in the decision making process at critical events in the registration, issuance, or usage of a license or customer. The License Server and Network License Manager both provide an API to allow end users to extend the functionality of the license server and/or network license manager over multiple platform such as Windows operating systems, Unix, Linux, Mac OSX, Solaris, Various cell phone operating systems and various gaming systems such as Sony's PlayStation, Nintendo gaming systems, and Microsoft's Xbox gaming systems with real time notification when the license expires.
- The license client provides facilities to run multiple licenses concurrently to enable complex licensing criterion. The License Server and Network License Manager user interfaces provide a graphical method to implement logical business rules. The License Server allows licenses to be revoked or suspended after issuance.
- The Network License Manager provides encapsulations of a set of licenses in a logical container, named a license pool. Each pool has a set of configurable attributes that are applied to all licenses contained in that pool. These attributes allow for: the permanent license assignment, online or offline usage of a license, configurable number of missed license to NLM check ins before the license disables itself, and allow or disallow other pools to use a configurable number of licenses in the event that the other pool runs out of available licenses.
- The accompanying drawings, which are incorporated herein and form a part of the specification, illustrate the present invention and, together with the description, further serve to explain the principles of the invention and to enable a person skilled in the pertinent art to make and use the invention.
-
FIG. 1 is a conceptual view of the licensing system of the present invention; -
FIG. 2 is a flow chart illustrating Business Rules Callback Processing of the present invention; -
FIG. 3 is a flow chart of the process of the Client Side of the present invention; -
FIG. 4 is a flow chart of the process of the Server Side of the present invention; -
FIGS. 5 a and 5 b are flow charts of the process of the Client Side of the present invention; -
FIG. 6 is a flow chart of the process of the Network License Manager of the present invention; -
FIG. 7 is a flow chart of the process of the Network License Manager and Client of the present invention; -
FIG. 8 is a flow chart of the process of the Server and Client of the present invention; -
FIG. 9 is a screen shot of the GUI of the present invention showing the customer editor; -
FIG. 10 is a screen shot of the GUI of the present invention showing the user editor; -
FIG. 11 is a screen shot of the GUI of the present invention showing the server's general configuration editor; -
FIG. 12 is a screen shot of the GUI of the present invention showing the overall cluster configuration; -
FIG. 13 is a screen shot of the GUI of the present invention showing the cluster node configuration; and -
FIG. 14 is a screen shot of the GUI of the present invention showing the product editor. - In the following detailed description of the invention of exemplary embodiments of the invention, reference is made to the accompanying drawings (where like numbers represent like elements), which form a part hereof, and in which is shown by way of illustration specific exemplary embodiments in which the invention may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention, but other embodiments may be utilized and logical, mechanical, electrical, and other changes may be made without departing from the scope of the present invention. The following detailed description is therefore, not to be taken in a limiting sense, and the scope of the present invention is defined only by the appended claims.
- Now referring to
FIG. 1 , theLicensing System 1 of the present invention is recorded on computer-readable medium and capable of execution by a computer and is comprised of three modules the interact via amulti-user network 14 such as the Internet. These modules are the License Client (LC) 13, the License Server (LS) 6, and the Network License Manager (NLM) 15. For the licensing system to function theLicense Client 13 and License Server are required. In an alternative embodiment, theNetwork License Manager 15 exists to facilitate and manage concurrent license usage. - The
License Server 6 further consists the following additional components: anidentity management system 2,database interference subsystem 3,web server 4,server clustering subsystem 5,license issuance subsystem 96 andlicense validation subsystem 97. Thelicense manager 15 is further comprised of the following additional components: anidentity management subsystem 20,database interference subsystem 17,web server 18,server clustering subsystem 19,license pooling subsystem 7,license validation subsystem 8, andlicense monitoring subsystem 9. Finally, theClient 13 is further comprised of the following additional components: anidentity management subsystem 12,license validation subsystem 10, andlicense monitoring system 11. - Interaction between the different components of the system is accomplished via messaging. A message is defined as an XML document that conforms to a specific predefined schema. Each message is encrypted and signed for security and authentication purposes. A message is most often transmitted and received via an HTTP or HTTPS connection, although in a few special circumstances a message can be transferred from one component to another via the use of a file.
- Now referring to
FIG. 2 a flow chart illustrating the business rules callback processing of the present invention. Business rules callback processing is accomplished via one of three options. When the License Server/Network License Manager starts, it reads a directive named “BusinessRule” from the configuration file. This directive can have four values which are “UserCompiled”, “Java”, “DotNet”, or “NotImplemented”. In the case of “NotImplimented” the function will simply return immediately. The Client Side/User Interface 96 consists of three routines, the first is the writing of .NET code to the user interface (UI) 98, which is then compiled 99 and uploaded 100 to theserver 97 and its compiled .NET assembly 110; the second is the writing of the C/C++ code to theUI 106, compiled 108, and then uploaded as a shared library or dll file to theserver 107 and its compiled C/C++ object 109; and the third is the writing of thejava code 101, which is then compiled 102 and uploaded to theserver 103 and itsJava class file 116. - On the
server side 97, a server request is first received from alicense client 104, which triggers acallback function 113. The configuration file next indicates that the server should useJava code 114 and then uses a Business Rule Directive from the configuration file to determine if it should continue to use Java or switch to User Compiled or .NET to further process therequest 115. If java is continued the system calls the java class with the serializedrequest 117 and obtains if from thejava class file 116. If the serialized request is to be processed via user compiled, the system calls out to the users compiled sharedlibrary 111 and obtains the information from the complied C/C++ object 109. If the serialized request is to be processed via .NET, then the system calls out to the user's .NET assembly 112 and obtains the information form the compiles .NET assembly 110. -
FIG. 3 is a flow chart of the process of the Client Side of the present invention. An external request, as shown by continuation point “D” 83 starts 21 the client side process. Once started 21, the first step is to select aclient 22 and a request for the local license andcustomer registration 24 is sent to thelicense server 25, denoted as continuation point “C” 81. If theclient operation selection 22 is to use alocal license 26 the system first determines if the license has been tampered with 29. If tampering has occurred anerror message 30 is returned and the operation stops. If the license has not been tampered with 29 a second check is made to ensure the license has not expired 28, if expired anerror message 30 is returned and the operation stops. If the license has not been tampered with and has not expired it is okay to use 27 and system returns to itsstart position 21. - Now referring to
FIG. 4 , a flow chart of the process on the Server Side of the present invention is illustrated. The server side will be initiated from either a request for the local license andcustomer registration 24 received, denoted as continuation point “C” 81 or from an electronically transmitted file to a customer service representative, denoted as continuation point “B” 82. After initiation, a request type is first determined 36 and the system process the license request and determines if the customer is registered 32 in thedatabase 38. If the customer is not registered a certificate and customer's public key is issued 39 and sent to theclient 42, the customer is registered 40 and the analysis of the license continues 33. The system will also determine if the server handles the product of thelicense request 31, and if so, will continue its analysis, but if not, it will return a response indicating such 37 to theclient 42. If the server does handle the product and the customer is registered, the system places a call to the end userbusiness rules script 34 and determines if the request has been rejected 35. If the request has been rejected a message will be sent to theclient 42, and if not a determination on whether a license can be issued 41 and the answer returned to theclient 42. - Valid license types issued by the system of the present invention includes: unrestricted, limited time evaluation, limited runs evaluation, software lease, and count uses.
- The unrestricted license type which places no restrictions on how long the user of the license may continue to use the software.
- The Limited Time Evaluation wherein the license will evaluate the License Time Duration, License Time Unit, and License Timer Start variables to create a time span that the license will then compare against the current system time to determine if the license time period has been exceeded, and as such expire itself. As a safeguard against a user simply resetting the system clock to an earlier date, upon use of the license it will check the current system time against the Last Used Date property and validate that the current system time is not earlier than the Last Used Date property. Once validated the Last Used Date will be updated to the current system time.
- The system may also incorporate a License Monitor to act as a monitoring process for all licenses in use by clients. If a periodic client license check-in is required for a license or a number of licenses, then this function will monitor the statistics updated by the Update Client Usage Info method. If those statistics exceed allowed values then the license will be declared an orphan and be reclaimed by the NLM. Exceeded statistics means, for example, that the license checked out by the client required that the client call the NLM every five minutes to update the NLM that the client was still alive and active and using the license, and that it could only miss two check-in cycles. If the License Monitor found that the last checking time for the client was ten minutes and one second, then the license would be declared orphaned and reclaimed. Production statistics and real-time monitoring will be on the order of milliseconds, not minutes and seconds.
- The Limited Runs Evaluation combines the Number Of Allowed Runs property with the License Run Count property to determine if the license has expired.
- The Software Lease checks that two conditions are valid before proceeding. The first condition to be checked is to ensure that the current system date is greater than or equal to the License Valid Star Time property. In the case that the current system time is less than the valid start time the license will return an error message. The second condition to be checked is to ensure that the current system time is less than or equal to the License Valid End Time property. If the current system time is greater than the License Valid End Time property the license will return an error message. As a safeguard against a user simply resetting the system clock to an earlier date, upon use of the license it will check the current system time against the Last Used Date property and validate that the current system time is not earlier than the Last Used Date property. Once validated the Last Used Date will be updated to the current system time. The Count Uses license will increment the License Run Count property.
- Now referring to
FIGS. 5 a and 5 b, flow charts illustrating of the process of the Client Side of the present invention are shown. If an input is received to start 43 the operation of the present invention, and the selectedclient operation 44 is for the use of aconcurrent network license 45, the system immediately and directly access thenetwork license manager 15, denoted as continuation point “E” 85, for the analysis of therequest type 46 and additional process steps of thenetwork license manager 15. At the conclusion of the network license manager's 15 processes a return message is sent to theclient 56, denoted as continuation point “F” 86 that is delivered toclient 13, denoted as continuation point “A” 84. -
FIG. 6 is a flow chart of the process of the Network License Manager of the present invention. The network license manager (NLM) is a server that sits on a customer's network and handles the management of concurrent network licenses. One of the fundamental architectural organizations of this server is the concept of license pools. A license pool is a group of licenses that are controlled and allowed to be used based on a set of configuration parameters. - The pool concept is illustrated by the following example. Company XYZ has an NLM installed on its intranet. Three different departments in XYZ have purchased licenses for the same software product, but the funds have come from department budgets rather than an overall company budget. Because of this the Sales and Marketing department does not want the Research and Development department, who have a much higher demand for the limited number of licenses using all of Sales and Marketing's licenses when Sales and Marketing needs to use the software. The Administration department has a number of licenses but does not typically use them often, but must have access to the software when they need it.
- In this embodiment there are three license pools. One each for Administration, Sales and Marketing, and Research and Development. Because R&D was getting the username and password for the Sales department's license pool, the Sales department has set the authentication level of their pool of licenses to require registration with the NLM and use the NLM issued PKI X.509 certificate for authentication against the pool before a license may be used by the requester. Sales has also set their maximum number of licenses that may be used in overflow requests to zero effectively turning off the overflow participation of their pool. The Research and Development department's pool has basic username/password authentication, as is the Administration's pool. More over the Administration's pool has their maximum number of licenses that may be used in overflow requests set to minus one (−1) which means that all licenses in the pool are available to overflow requests.
- Still referring to
FIG. 6 , upon receipt of input to thenetwork license manager 15, denoted as continuation point “E” 85, the analysis of therequest type 46 is initiated. A check to determine if the customer is registered is run 53. If the customer is not registered a certificate and customer's public key is issued 54 and sent to theclient 56, and the customer is registered 55. Concurrently, the license is checked 47 forvalid credentials 48 and caller permission to check out thelicense 48. If the license is invalid 57 or the caller has norights 58, a message is sent to theclient 56. Next a check is done to determine if the license pool has anyavailable licenses 50 and if so a valid license is marked in use and returned to theclient 52 in amessage 56. If the license pool does not have an available license an overflow pool is checked for available licenses. If an overflow pool license is available a valid license is marked in use and returned to theclient 52 in amessage 56. If no overflow pool license is available a message stating such 59 is returned to theclient 56. - Now referring to
FIG. 7 , a flow chart of the process of theNetwork License Manager 70 andClient 69 of the present invention are illustrated. Upon the client's 69 receipt of a response message from the network license manager, denoted as continuation point “A” 84, a check of the response is started 60. If the response is based on invalid credentials, no rights, or no available license an error message is returned to theuser 61. If the response is valid and a license is returned, the license is added to theactive license list 62 and the time cycle is started in thelicense revalidation timer 63. When the timer cycle expires the first step is to determine if the license has expired since thelast check 64. If the license has expired an error message is returned to theuser 61, if it has not expired the next step is to determine if the network license manager can be contacted 65. If the NLM can not be contacted, then a check is run to determine if the maximum number of missed NLM updates limit has been exceeded 66, if not the process returns to therevalidation timer 63, if it has been exceeded an error message is returned to theuser 67. If the NLM is contacted, then a check to determine if the license has been reclaimed by the NLM is run 68. If the NLM has reclaimed the license an error message is returned to theuser 61, if not the process returns to therevalidation timer 63. -
FIG. 8 is a flow chart of the process of theServer 72 andClient 71 of the present invention when a customer service representative or other human interaction is required by a user during the process of the system of the present invention. When a user starts theprocess 73 on theclient side 71 and selects a client operation 74 a request is made byfile 75 or an offline key request is submitted 77. Thefile request 75 is followed by alicense request 76 made by a file that is electronically transmitted to acustomer service representative 78 who then accesses the server, denoted as continuation point “B” 82 which results in the issuance of an offline license via file transactions. Alternatively, an offlinekey request 77 may be provided to acustomer service representative 78 by theuser 98 so that thecustomer service representative 78 can input the client key andlicense parameters 79 and process offline the key request and generate andoffline authorization code 80 that is then provided to theuser 98. - Because this system is designed to license software it is a natural target for anyone who wants the software and does not want to pay for it. this software is a target of “hackers” it must have defenses. Measures to disable the system of the present invention that have been taken into account by this document. One strategy for disabling the present invention is by replacing the DLL libraries. The present invention requires that the present invention DLLs be digitally signed. This signature can then be compared by the employing application and validated that the signature of the DLL it is using matches the known-good signature.
- Another method would be the manually writing of a license and feeding it into the present invention system, or altering an existing license. The system of the present invention requires license encryption i to prevent knowledge of the format of the license. Additionally, licenses are signed by the present invention's License Server (LS) that issues them. This LS is also registered with the present invention License Client (LC) that requested the license. Included in this LS registration information is the server's encryption and signature public keys in the form of X.509 digital certificates. Each time the license is used the license's signature is validated against the server's signature X.509 certificate to ensure that the license has been issued by a valid LS. At the option of the employing software application, the license may call the issuing LS to ensure that it is still valid and has not been revoked. Should the call to the server fail the application will be notified of this via the programming construct of an event. Finally, different cryptographic methodologies and cryptographic keys are used in the various stages of the license issuance process.
- Another possible attack could occur via the copying a working database to a second machine. To thwart this, the client database contains unique data about the machine that the software is running on. Specifically the hard drive manufacturer's serial number for each of the drives installed in the computer and the MAC address of each of the computer's NIC cards. Each time the software is run the software will validate that the equipment that it is running on matches the data it has stored in it's database.
- Another potential opening is the turning back of the system clock to perpetually stay within the license's allowed validity time when using a “software lease” or “restricted by time” license. Each time a license of this type is used the current system time is checked against the last used system time. If the current system time is greater than the last used system time the last used system time is updated to the current time. Each time the license is validated, which happens several times a minute, if the current system time is less than the last used system time, the license is expired.
- In the case of the Network License Manager a need exists to balance the level of security prescribed by the employing software company and the level of effort required by administrators to register and maintain all possible users of the system with the NLM. To facilitate flexibility and security there are four methods provided by the NLM to allow users to make use of licenses from the NLM. These four methods exist strictly for usage of licenses from the NLM. Any administration of the NLM mirrors the same security protections that exist in the LS.
- Now referring to
FIGS. 9-14 , the user interface is comprised of panes in four docking areas of the screen. A first area holds theexplorer components 98 that are navigational in nature. A second area holds theeditor components 89. The editor components are, as their name implies, used to create, edit, or remove information. Depending on the control this may be done via textual editing, or graphical composition such as report designer and workflow editor. Athird area 90 holds the property editor and palette window, the palette windows is primarily used in the graphical composition editors. A fourth area displays the output of activities such as compiling a report. - The server explorer is the primary navigation tool of the desktop GUI and is comprised of servers registered with the IDE and belonging to two categories, The present invention License Servers and Network License Managers. These registered servers are displayed in a JTree control.
- The root node of the tree is labeled “The present invention Servers”. This root node contains 2 child nodes. The first of these child nodes is labeled “The present invention License Servers” and contains 0 . . . n child nodes, one for each of the license servers registered with the IDE. The second of theses child nodes is labeled “The present invention Network License Managers” and contains 0 . . . n child nodes, one for each of the network license manager servers registered with the IDE. In both cases the present invention's License Servers and the present invention's Network License Managers, the default text of the tree node is the same as the machine name of the registered server, however this label can be changed to an end-user defined value.
- Sub-nodes common to both the “The present invention License Servers” node and the “The present invention Network License Servers” node are the “Customers”, “Reports”, “Users”, and “Application Configuration” nodes. The “The present invention License Servers” sub-node also has 2 sub-nodes that are unique to the “The present invention License Servers” node. These two sub-nodes are the “Products” sub-node and the “Pending License Requests” sub-node. The “The present invention Network License Servers” sub-node also has 2 sub-nodes unique to it. These subnodes are the “License Pools” sub-node and the “Orphaned Licenses” sub-node.
- This section enumerates the actions that the GUI takes when individual tree nodes are clicked upon. When the present invention License Servers node is left clicked, the “License Server List” editor is displayed in the editors pane of the GUI. When the present invention Network License Management Servers node is left clicked, the “Network License Management Servers List” editor is displayed in the editors pane of the GUI. Specific When a specific the present invention license server is selected from the list of the present invention license servers listed as children of the “The present invention License Servers” node, the “The present invention License Server” editor is launched and populated with the details of the server selected in the tree. When a specific the present invention network license management server is selected from the list of the present invention license servers listed as children of the “The present invention Network License Management Servers” node, the “The present invention Network License Management Server” editor is launched and populated with the details of the server selected in the tree. When a “Customers” node directly under a specific server is clicked, the Customers Editor is launched in the editors pane of the GUI and the customer list of the Customers Editor is populated with the customers registered with the specific server. When a “Users” node directly under a specific server is clicked, the Users Editor is launched in the editors pane of the GUI and the user list of the Users Editor is populated with the users registered with the specific server. When a “Products” node directly under a specific server is clicked, the Products Editor is launched in the editors pane of the GUI and the product list of the Products Editor is populated with the products registered with the specific server. Pending License Requests Node. When a “Pending License Requests” node directly under a specific server is clicked, the Pending License Requests Editor is launched in the editors pane of the GUI. When a “Server Configuration” node directly under a specific server is clicked, the Server Configuration Editor is launched in the editors pane of the GUI.
- When a “TCP/IP Settings” node under a specific server is clicked, the TCP/IP Settings Editor is launched in the editors pane of the GUI and the TCP/IP settings for the selected server are populated in the editor. When a “Security Settings” node under a specific server is clicked, the Security Settings Editor is launched in the editors pane of the GUI and the Security settings for the selected server are populated in the editor. When a “Logging Settings” node under a specific server is clicked, the Logging Settings Editor is launched in the editors pane of the GUI and the Logging settings for the selected server are populated in the editor. When a “Database Settings” node under a specific server is clicked, the Database Settings Editor is launched in the editors pane of the GUI and the Database settings for the selected server are populated in the editor. When a “License Pools” node directly under a specific server is clicked, the License Pools Editor is launched in the editors pane of the GUI and the customer list of the License Pools Editor is populated with the customers registered with the specific server. When a “Orphaned Licenses” node directly under a specific server is clicked, the Orphaned Licenses Editor is launched in the editors pane of the GUI and the customer list of the Orphaned Licenses Editor is populated with the customers registered with the specific server. When the business rules tree node is clicked the system opens one of two different editor windows. If the selected scripting language is Java then a Java editor window that has the event functions already setup. If the scripting language is C++ then a C++ scripting window is opened. If the language is C# or VB or uses COM then the code will need to be written and compiled in Visual Studio, and is thus outside the scope of this IDE, however some mechanism to indicate which language the server should call to run the scripted business rules needs to be included.
- Now referring to
FIGS. 9 and 10 , thecustomer editor 87 is used to enter or edit customer information as well as to view a license history for that customer. The editor is comprised of two major sections, which are the customerresults grid section 89 and thecustomer details section 90. The customer details section is further broken down into two sections which are customer information, and the license history. -
FIG. 11 illustrates theSever General Configuration 89 which is displayed in asecond area 92 and is comprised of Timeout and Keep Alive Settings. - Referring to
FIGS. 12 and 13 the values in the Cluster Configuration heading 90 and 91 fall under one of two categories. These categories are “Overall Cluster Configuration” 93 and “Cluster Node Configuration” 94. The first of these,Overall Cluster Configuration 93 is represented inFIG. 12 . This first category is comprised of five variables which are: Worker Maintenance Interval, Enable Sticky Sessions, Force Sticky Sessions, Load Balance Method, and Memory Locking Method. The second category is comprised of eight variable which are: host address, load balancing factor, socket timeout, enable socket keep alive, Request Retries, Connection Pool Size, Minimum Connection Pool Size, and Connection Pool Timeout. - Finally,
FIG. 14 illustrates theProduct Editor 92 which is displayed in asecond area 95 and includes such variables as product name, product version, product system ID, product unique identification information and attribute fields. - There are 3 possible installation and deployment configurations for the present invention License Server and Network License Manager Server. These three configurations are: stand alone, cluster manager, and cluster worker.
- The Stand Alone configuration installs both the Apache 2.0.x http server with the appropriate The present invention modules as well as the Apache Tomcat Java application server. In addition to these two applications the installation will also write out the appropriate configuration files (i.e. mod_jk.conf, httpd.conf, ssl.conf, nw_firewall.conf, etc).
- The Cluster Manager configuration installs only the Apache 2.0.x http server without the The present invention modules. The configuration files that are written are specific to the mod_jk clustering schema. These files are httpd.conf, ssl.conf, nw_firewall.com, mod_jk.conf and workers.properties.
- The Cluster Worker configuration is virtually identical to the Stand Alone installation with the added requirement of informing the Cluster Manager of it's installation and providing its information to the Cluster Manager so that the Cluster Manager may update its configuration with the new worker data.
- It is appreciated that the optimum dimensional relationships for the parts of the invention, to include variation in size, materials, shape, form, function, and manner of operation, assembly and use, are deemed readily apparent and obvious to one of ordinary skill in the art, and all equivalent relationships to those illustrated in the drawings and described in the above description are intended to be encompassed by the present invention.
- Furthermore, other areas of art may benefit from this method and adjustments to the design are anticipated. Thus, the scope of the invention should be determined by the appended claims and their legal equivalents, rather than by the examples given.
Claims (18)
1. A software license management and issuance system recorded on computer-readable medium and capable of execution by a computer comprising:
a license client,
said license client further comprising:
an identity management subsystem, a license validation subsystem, and
a license monitoring system; and
a license server,
said license server further comprising:
an identity management system, a database interference subsystem, a web server, a server clustering subsystem, a license issuance subsystem, and a license validation subsystem.
2. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 1 further comprising a network license manager as means for facilitating and managing concurrent license usage, said network license manager further comprised of an identity management subsystem, a database interference subsystem, a web server, a server clustering subsystem, a license pooling subsystem, a license validation subsystem, and a license monitoring subsystem.
3. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 2 wherein an interaction between the licensing client, licensing system, and network license manage of the system is accomplished via messaging, each message being encrypted and signed for security and authentication purposes.
4. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 2 further comprising a license monitor providing means for monitoring process for all licenses in use by clients.
5. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 4 wherein when a periodic client license check-in is required for a license or a number of licenses, then the license monitor will monitor the statistics updated by an update client usage information method;
if said statistics exceed allowed values then the license will be declared an orphan and be reclaimed by the network license manager; and
if a last checking time for the client was ten minutes and one second, then the license would be declared orphaned and reclaimed.
6. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 5 wherein
the license monitor provides means for a limited runs evaluation that combines a number of allowed runs property with a license run count property to determine if the license has expired;
the license monitor is further comprised of a software lease providing means for checking that two conditions are valid before proceeding;
a first condition to be checked ensures that the current system date is greater than or equal to the license valid start time property.
a second condition to be checked ensures that the current system time is less than or equal to the license valid end time property; and
upon use of the license the license monitor will check a current system time against a last used date property and validate that the current system time is not earlier than the last used date property; and
a count uses license will increment a license run count property.
7. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer, said method comprising the steps of:
making an external request from a client server;
selecting a client, a request for a local license, and customer registration to a license server;
determining if the license has been tampered with;
determining if the license has not expired;
returning an error message if tampering or expiration is determined, otherwise continuing with the following method steps;
initiating a request from a server side from either a request from the local license and customer registration or from an electronically transmitted file to a customer service representative;
determining a request type and processing the license request to determine if a customer is registered;
if the customer is not registered, a certificate and customer's public key is issued and sent to the client,
if the customer is registered, the analysis of the license continues;
determining if server will handle the product of the license request, and if so, the server will continue the analysis, but if not, the server will return a response indicating such to the client;
if the server does handle the product and the customer is registered, the system places a call to the end user business rules script and determines if the request has been rejected; and
if the request has been rejected a message will be sent to the client, and if not a determination on whether a license can be issued and the answer returned to the client.
8. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 wherein valid license types issued by the system of the present invention includes unrestricted, limited time evaluation, limited runs evaluation, software lease, and count uses.
9. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 8 wherein the unrestricted license type places no restrictions on how long the user of the license may continue to use the software.
10. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 8 wherein the limited time evaluation license will evaluate a license time duration, license time unit, and license timer start variables to create a time span that will then be compared against a current system time to determine if the license time period has been exceeded.
11. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the steps of the client side server;
receiving an input to start a selected client operation for a concurrent network license;
immediately and directly accesses a network license manager for analysis of the request type and additional process steps of the network license manager; and
sending a message to the client at the conclusion of the network license manager's processes.
12. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the steps of the process of the network license manager
creating a license pool comprising a group of licenses that are controlled and allowed to be used based on a set of configuration parameters
said license pool consists of one or more subpools
receipt of input to the network license manager;
initiation of analysis of the request type to determine if the customer is registered is run;
if the customer is not registered a certificate and customer's public key is issued and sent to the client, and the customer is registered;
concurrently, the license is checked for valid credentials and caller permission to check out the license;
if the license is invalid or the caller has no rights, a message is sent to the client;
a check is done to determine if the license pool has any available licenses;
if so, a valid license is marked in use and returned to the client;
if the license pool does not have an available license an overflow pool is checked for available licenses;
if an overflow pool license is available a valid license is marked in use and returned to the client in a message; and
if no overflow pool license is available a message stating such is returned to the client.
13. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the steps of the business rules callback processing, said business rules callback processing is accomplished via one of three options
a first option wherein when the license server and network license manager starts,
reading a directive named “BusinessRule” from a configuration file, said directive can have four values which are “UserCompiled”, “Java”, “DotNet”, or “NotImplemented”;
in the case of “NotImplimented” the function will simply return immediately.
a second option wherein the client side server and a user interface consists of three routines,
a first routine wherein .NET code is written to the user interface, which is then compiled and uploaded to the server, and its compiled in to .NET assembly;
a second routine wherein the of the code is written to the user interface, compiled, and then uploaded as a shared library or dll file to the server and its compiled object; and
a third routine where the writing of the java code, which is then compiled and uploaded to the server as a Java class file.
14. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 14 wherein, on the server side,
a server request is first received from a license client, which triggers a callback function;
the configuration file next indicates that the server should use Java code and then uses a Business Rule Directive from the configuration file to determine if it should continue to use Java or switch to User Compiled or .NET to further process the request;
if java is continued the system calls the java class with the serialized request and obtains if from the java class file;
if the serialized request is to be processed via user compiled, the system calls out to the users compiled shared library and obtains the information from the complied object; and
if the serialized request is to be processed via .NET, then the system calls out to the user's .NET assembly and obtains the information form the compiles .NET assembly.
15. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 comprising the following steps
upon the client's receipt of a response message form the network license manager;
if the response is based on invalid credentials, no rights, or no available license an error message is returned to the user;
if the response is valid and a license is returned, the license is added to the active license list and time cycle is started in the license revalidation timer;
when the timer cycle expires the first step is to determine if the license has expired since the last check;
if the license has expired an error message is returned to the user;
if it has not expired the next step is to determine if the network license manager can be contacted;
if the network license manager can not be contacted, then a check is run to determine if the maximum number of missed network license manager updates limit has been exceeded,
if not the process returns to the revalidation timer,
if it has been exceeded an error message is returned to the user;
if the network license manager is contacted, then a check to determine if the license has been reclaimed by the network license manager is run; and
if the network license manager has reclaimed the license an error message is returned to the user, if not the process returns to the revalidation timer.
16. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the additional steps when a customer service representative or other human interaction is required by a user during the process of the system of the present invention;
when a user starts the process on the client side and selects a client operation a request is made by file or an offline key request is submitted; and
the file request is followed by a license request made by a file that is electronically transmitted to a customer service representative who then accesses the server, which results in the issuance of an offline license via file transactions.
17. A software license management and issuance method recorded on computer-readable medium and capable of execution by a computer of claim 7 further comprising the additional steps when a customer service representative or other human interaction is required by a user during the process of the system of the present invention;
an offline key request is provided to a customer service representative by the user so that the customer service representative can input the client key and license parameters and process offline the key request and generate and offline authorization code that is then provided to the user.
18. The software license management and issuance system recorded on computer-readable medium and capable of execution by a computer of claim 6 wherein
DLLs are required to be digitally signed, so said signature can then be compared by the employing application and validated that the signature of the DLL it is using matches the known-good signature;
licenses are signed by the license server registered with the license client that requested the license including the server's encryption and signature public keys in the form of digital certificates, each time the license is used the license's signature is validated against the server's signature certificate to ensure that the license has been issued by a valid license server;
a client database contains unique data about the machine that the software is running on and each time the software is run, the software will validate that the equipment that it is running on matches the data it has stored in it's database; and
each time a license is used the time is checked against the last used system time, if the current system time is greater than the last used system time the last used system time is updated to the current time.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/695,338 US20080244754A1 (en) | 2007-04-02 | 2007-04-02 | System and Method for Software License Management for Concurrent License Management and Issuance |
US12/402,569 US8069119B2 (en) | 2007-04-02 | 2009-03-12 | System and method for software license management for concurrent license management and issuance |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/695,338 US20080244754A1 (en) | 2007-04-02 | 2007-04-02 | System and Method for Software License Management for Concurrent License Management and Issuance |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/402,569 Division US8069119B2 (en) | 2007-04-02 | 2009-03-12 | System and method for software license management for concurrent license management and issuance |
Publications (1)
Publication Number | Publication Date |
---|---|
US20080244754A1 true US20080244754A1 (en) | 2008-10-02 |
Family
ID=39796679
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/695,338 Abandoned US20080244754A1 (en) | 2007-04-02 | 2007-04-02 | System and Method for Software License Management for Concurrent License Management and Issuance |
US12/402,569 Expired - Fee Related US8069119B2 (en) | 2007-04-02 | 2009-03-12 | System and method for software license management for concurrent license management and issuance |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/402,569 Expired - Fee Related US8069119B2 (en) | 2007-04-02 | 2009-03-12 | System and method for software license management for concurrent license management and issuance |
Country Status (1)
Country | Link |
---|---|
US (2) | US20080244754A1 (en) |
Cited By (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100088413A1 (en) * | 2008-10-02 | 2010-04-08 | Sony Corporation | License managing apparatus, license managing method, and license managing system |
WO2010111165A1 (en) * | 2009-03-24 | 2010-09-30 | Snap-On Incorporated | System and method for rendering a set of program instructions as executable or non-executable |
US20100325149A1 (en) * | 2009-06-22 | 2010-12-23 | Craig Stephen Etchegoyen | System and Method for Auditing Software Usage |
US20100325200A1 (en) * | 2009-06-22 | 2010-12-23 | Craig Stephen Etchegoyen | System and Method for Software Activation Through Digital Media Fingerprinting |
US20110009092A1 (en) * | 2009-07-08 | 2011-01-13 | Craig Stephen Etchegoyen | System and Method for Secured Mobile Communication |
US20110072522A1 (en) * | 2009-09-22 | 2011-03-24 | Vikram Koka | System and Method for Capacity Licensing |
US20110083177A1 (en) * | 2009-10-07 | 2011-04-07 | International Business Machines Corporation | Software license management |
US20110131115A1 (en) * | 2008-06-17 | 2011-06-02 | Sony Computer Entertainment Inc. | Information processing device |
US20110145568A1 (en) * | 2009-12-14 | 2011-06-16 | International Business Machines Corporation | Handling of the usage of software in a disconnected computing environment |
EP2273411A3 (en) * | 2009-06-24 | 2011-08-31 | Uniloc Usa, Inc. | Systems and methods for determining authorization to operate licensed software based on a client device fingerprint |
US20110247085A1 (en) * | 2010-03-30 | 2011-10-06 | Hon Hai Precision Industry Co., Ltd. | Electronic device and method of protecting software |
US20120185593A1 (en) * | 2009-11-23 | 2012-07-19 | Zhongwen Zhu | License redistributing method, moderator and license controlling system thereof |
WO2012127223A2 (en) | 2011-03-22 | 2012-09-27 | Centrix Networking Limited | Computer system and method |
US20130204987A1 (en) * | 2012-02-02 | 2013-08-08 | Ritesh H. Patani | Hardware device name resolution for deterministic configuration in a network appliance |
US8566960B2 (en) | 2007-11-17 | 2013-10-22 | Uniloc Luxembourg S.A. | System and method for adjustable licensing of digital products |
US8874891B2 (en) | 2010-05-20 | 2014-10-28 | Hewlett-Packard Development Company, L.P. | Systems and methods for activation of applications using client-specific data |
CN104123482A (en) * | 2014-07-08 | 2014-10-29 | 攀钢集团攀枝花钢钒有限公司 | Method for generating machine code and registration code and method for software registration and function limiting |
US20140337987A1 (en) * | 2007-02-01 | 2014-11-13 | Microsoft Corporation | Secure serial number |
US20150336005A1 (en) * | 2014-05-20 | 2015-11-26 | Cadillac Jack | Electronic gaming system with central game licensing |
US20150356292A1 (en) * | 2009-06-03 | 2015-12-10 | Apple Inc. | Methods and apparatuses for secure compilation |
EP3062254A1 (en) * | 2015-02-26 | 2016-08-31 | BlackBerry Limited | License management for device management system |
US9633183B2 (en) | 2009-06-19 | 2017-04-25 | Uniloc Luxembourg S.A. | Modular software protection |
US9880819B2 (en) | 2009-06-03 | 2018-01-30 | Apple Inc. | Methods and apparatuses for a compiler server |
US10015279B2 (en) | 2014-11-13 | 2018-07-03 | Blackberry Limited | Application assignment reconciliation and license management |
WO2018179225A1 (en) * | 2017-03-30 | 2018-10-04 | 株式会社オプティム | Computer system, license management method and program |
US10320556B2 (en) * | 2016-01-25 | 2019-06-11 | Ping An Technology (Shenzhen) Co., Ltd. | Method, mobile terminal, device, and readable storage medium for preventing accessed data from being tampered with |
US10320611B2 (en) * | 2017-10-04 | 2019-06-11 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US20200394284A1 (en) * | 2018-02-13 | 2020-12-17 | Sony Corporation | Electronic device, information processing apparatus, information processing method, program, and information processing system |
US20210218722A1 (en) * | 2017-11-01 | 2021-07-15 | Citrix Systems, Inc. | Dynamic crypto key management for mobility in a cloud environment |
US11113366B2 (en) * | 2017-06-06 | 2021-09-07 | Infosys Limited | Cryptographic mechanisms for software setup using token-based two-factor authentication |
US20210390645A1 (en) * | 2020-06-16 | 2021-12-16 | OSAAP America, LLC | Offline License Distribution Device |
US11336524B2 (en) * | 2017-10-04 | 2022-05-17 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US11379560B2 (en) * | 2019-03-18 | 2022-07-05 | ServiceNow Inc. | Systems and methods for license analysis |
US20230126059A1 (en) * | 2021-10-22 | 2023-04-27 | Sap Se | Development landscape build system |
CN116451182A (en) * | 2023-04-27 | 2023-07-18 | 芯华章科技(深圳)有限公司 | Method, apparatus and storage medium for managing license |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8370416B2 (en) * | 2006-04-26 | 2013-02-05 | Hewlett-Packard Development Company, L.P. | Compatibility enforcement in clustered computing systems |
US20090205021A1 (en) * | 2007-11-09 | 2009-08-13 | Corbis Corporation | Management of rights clearance negotiations and brokering over a network |
US8589264B2 (en) | 2009-10-19 | 2013-11-19 | International Business Machines Corporation | Token licensing mapping costs to enabled software tool features |
JP4909431B2 (en) * | 2010-05-14 | 2012-04-04 | 株式会社エヌ・ティ・ティ・ドコモ | License issuing system, client terminal, server, and license issuing method |
US9077745B1 (en) | 2010-08-04 | 2015-07-07 | Saint Corporation | Method of resolving port binding conflicts, and system and method of remote vulnerability assessment |
US8904174B2 (en) | 2011-03-22 | 2014-12-02 | International Business Machines Corporation | System, method and computer program product for product license management |
US10701141B2 (en) * | 2016-06-30 | 2020-06-30 | International Business Machines Corporation | Managing software licenses in a disaggregated environment |
US10146518B1 (en) * | 2017-05-25 | 2018-12-04 | Dell Products L.P. | Smart retention policy appliance for legal compliance |
Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5138712A (en) * | 1989-10-02 | 1992-08-11 | Sun Microsystems, Inc. | Apparatus and method for licensing software on a network of computers |
US5553143A (en) * | 1994-02-04 | 1996-09-03 | Novell, Inc. | Method and apparatus for electronic licensing |
US5615269A (en) * | 1996-02-22 | 1997-03-25 | Micali; Silvio | Ideal electronic negotiations |
US5671412A (en) * | 1995-07-28 | 1997-09-23 | Globetrotter Software, Incorporated | License management system for software applications |
US5790664A (en) * | 1996-02-26 | 1998-08-04 | Network Engineering Software, Inc. | Automated system for management of licensed software |
US6189145B1 (en) * | 1997-05-28 | 2001-02-13 | International Business Machines Corporation | Concurrent patch to logical partition manager of a logically partitioned system |
US6260141B1 (en) * | 1997-09-19 | 2001-07-10 | Hyo Joon Park | Software license control system based on independent software registration server |
US20020091645A1 (en) * | 2000-12-20 | 2002-07-11 | Kagemoto Tohyama | Software licensing system |
US6574612B1 (en) * | 1999-02-19 | 2003-06-03 | International Business Machines Corporation | License management system |
US20050049973A1 (en) * | 2003-09-02 | 2005-03-03 | Read Mark A. | Method and program for automated management of software license usage by monitoring and disabling inactive software products |
US20050102240A1 (en) * | 1998-03-18 | 2005-05-12 | Microsoft Corporation | System and method for software licensing |
US6901386B1 (en) * | 2000-03-31 | 2005-05-31 | Intel Corporation | Electronic asset lending library method and apparatus |
US7013294B1 (en) * | 1997-07-15 | 2006-03-14 | Shinko Electric Industries Co., Ltd. | License management system |
US7111161B2 (en) * | 2003-02-03 | 2006-09-19 | Hitachi, Ltd. | Common storage system shared by one or more computers and information processing system having the same |
-
2007
- 2007-04-02 US US11/695,338 patent/US20080244754A1/en not_active Abandoned
-
2009
- 2009-03-12 US US12/402,569 patent/US8069119B2/en not_active Expired - Fee Related
Patent Citations (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5138712A (en) * | 1989-10-02 | 1992-08-11 | Sun Microsystems, Inc. | Apparatus and method for licensing software on a network of computers |
US5553143A (en) * | 1994-02-04 | 1996-09-03 | Novell, Inc. | Method and apparatus for electronic licensing |
US5671412A (en) * | 1995-07-28 | 1997-09-23 | Globetrotter Software, Incorporated | License management system for software applications |
US5615269A (en) * | 1996-02-22 | 1997-03-25 | Micali; Silvio | Ideal electronic negotiations |
US5790664A (en) * | 1996-02-26 | 1998-08-04 | Network Engineering Software, Inc. | Automated system for management of licensed software |
US6189145B1 (en) * | 1997-05-28 | 2001-02-13 | International Business Machines Corporation | Concurrent patch to logical partition manager of a logically partitioned system |
US7013294B1 (en) * | 1997-07-15 | 2006-03-14 | Shinko Electric Industries Co., Ltd. | License management system |
US6260141B1 (en) * | 1997-09-19 | 2001-07-10 | Hyo Joon Park | Software license control system based on independent software registration server |
US20050102240A1 (en) * | 1998-03-18 | 2005-05-12 | Microsoft Corporation | System and method for software licensing |
US6574612B1 (en) * | 1999-02-19 | 2003-06-03 | International Business Machines Corporation | License management system |
US6901386B1 (en) * | 2000-03-31 | 2005-05-31 | Intel Corporation | Electronic asset lending library method and apparatus |
US20020091645A1 (en) * | 2000-12-20 | 2002-07-11 | Kagemoto Tohyama | Software licensing system |
US7111161B2 (en) * | 2003-02-03 | 2006-09-19 | Hitachi, Ltd. | Common storage system shared by one or more computers and information processing system having the same |
US20050049973A1 (en) * | 2003-09-02 | 2005-03-03 | Read Mark A. | Method and program for automated management of software license usage by monitoring and disabling inactive software products |
Cited By (57)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140337987A1 (en) * | 2007-02-01 | 2014-11-13 | Microsoft Corporation | Secure serial number |
US9292665B2 (en) * | 2007-02-01 | 2016-03-22 | Microsoft Technology Licensing, Llc | Secure serial number |
US8566960B2 (en) | 2007-11-17 | 2013-10-22 | Uniloc Luxembourg S.A. | System and method for adjustable licensing of digital products |
US20110131115A1 (en) * | 2008-06-17 | 2011-06-02 | Sony Computer Entertainment Inc. | Information processing device |
US10748208B2 (en) * | 2008-06-17 | 2020-08-18 | Sony Interactive Entertainment Inc. | Scheme for processing rental content in an information processing apparatus |
US20100088413A1 (en) * | 2008-10-02 | 2010-04-08 | Sony Corporation | License managing apparatus, license managing method, and license managing system |
WO2010111165A1 (en) * | 2009-03-24 | 2010-09-30 | Snap-On Incorporated | System and method for rendering a set of program instructions as executable or non-executable |
US9880819B2 (en) | 2009-06-03 | 2018-01-30 | Apple Inc. | Methods and apparatuses for a compiler server |
US9946873B2 (en) * | 2009-06-03 | 2018-04-17 | Apple Inc. | Methods and apparatuses for secure compilation |
US20150356292A1 (en) * | 2009-06-03 | 2015-12-10 | Apple Inc. | Methods and apparatuses for secure compilation |
US10489562B2 (en) | 2009-06-19 | 2019-11-26 | Uniloc 2017 Llc | Modular software protection |
US9633183B2 (en) | 2009-06-19 | 2017-04-25 | Uniloc Luxembourg S.A. | Modular software protection |
US20100325200A1 (en) * | 2009-06-22 | 2010-12-23 | Craig Stephen Etchegoyen | System and Method for Software Activation Through Digital Media Fingerprinting |
US20100325149A1 (en) * | 2009-06-22 | 2010-12-23 | Craig Stephen Etchegoyen | System and Method for Auditing Software Usage |
EP2273411A3 (en) * | 2009-06-24 | 2011-08-31 | Uniloc Usa, Inc. | Systems and methods for determining authorization to operate licensed software based on a client device fingerprint |
US8213907B2 (en) | 2009-07-08 | 2012-07-03 | Uniloc Luxembourg S. A. | System and method for secured mobile communication |
US20110009092A1 (en) * | 2009-07-08 | 2011-01-13 | Craig Stephen Etchegoyen | System and Method for Secured Mobile Communication |
US20110072522A1 (en) * | 2009-09-22 | 2011-03-24 | Vikram Koka | System and Method for Capacity Licensing |
US8850607B2 (en) * | 2009-09-22 | 2014-09-30 | Flexera Software Llc | System and method for capacity licensing |
US8850605B2 (en) | 2009-09-22 | 2014-09-30 | Flexera Software Llc | System and method for capacity licensing |
US8601540B2 (en) * | 2009-10-07 | 2013-12-03 | International Business Machines Corporation | Software license management |
US20110083177A1 (en) * | 2009-10-07 | 2011-04-07 | International Business Machines Corporation | Software license management |
US20120185593A1 (en) * | 2009-11-23 | 2012-07-19 | Zhongwen Zhu | License redistributing method, moderator and license controlling system thereof |
US8966086B2 (en) * | 2009-11-23 | 2015-02-24 | Telefonaktiebolaget Lm Ericsson (Publ) | License redistributing method, moderator and license controlling system thereof |
US8745375B2 (en) | 2009-12-14 | 2014-06-03 | International Business Machines Corporation | Handling of the usage of software in a disconnected computing environment |
US20110145568A1 (en) * | 2009-12-14 | 2011-06-16 | International Business Machines Corporation | Handling of the usage of software in a disconnected computing environment |
US8375460B2 (en) * | 2010-03-30 | 2013-02-12 | Hon Hai Precision Industry Co., Ltd. | Electronic device and method of protecting software |
US20110247085A1 (en) * | 2010-03-30 | 2011-10-06 | Hon Hai Precision Industry Co., Ltd. | Electronic device and method of protecting software |
US8874891B2 (en) | 2010-05-20 | 2014-10-28 | Hewlett-Packard Development Company, L.P. | Systems and methods for activation of applications using client-specific data |
WO2012127223A2 (en) | 2011-03-22 | 2012-09-27 | Centrix Networking Limited | Computer system and method |
US9213676B2 (en) * | 2012-02-02 | 2015-12-15 | Dialogic Incorporated | Hardware device name resolution for deterministic configuration in a network appliance |
US20130204987A1 (en) * | 2012-02-02 | 2013-08-08 | Ritesh H. Patani | Hardware device name resolution for deterministic configuration in a network appliance |
US20150336005A1 (en) * | 2014-05-20 | 2015-11-26 | Cadillac Jack | Electronic gaming system with central game licensing |
CN104123482A (en) * | 2014-07-08 | 2014-10-29 | 攀钢集团攀枝花钢钒有限公司 | Method for generating machine code and registration code and method for software registration and function limiting |
US10015279B2 (en) | 2014-11-13 | 2018-07-03 | Blackberry Limited | Application assignment reconciliation and license management |
EP3062254A1 (en) * | 2015-02-26 | 2016-08-31 | BlackBerry Limited | License management for device management system |
US9600810B2 (en) | 2015-02-26 | 2017-03-21 | Blackberry Limited | License management for device management system |
US10320556B2 (en) * | 2016-01-25 | 2019-06-11 | Ping An Technology (Shenzhen) Co., Ltd. | Method, mobile terminal, device, and readable storage medium for preventing accessed data from being tampered with |
US11061995B2 (en) | 2017-03-30 | 2021-07-13 | Optim Corporation | Computer system, license management method and program |
WO2018179225A1 (en) * | 2017-03-30 | 2018-10-04 | 株式会社オプティム | Computer system, license management method and program |
JPWO2018179225A1 (en) * | 2017-03-30 | 2019-04-04 | 株式会社オプティム | Computer system, license management method and program |
CN110366724A (en) * | 2017-03-30 | 2019-10-22 | 株式会社OPTiM | Computer system, licence managing method and program |
US11113366B2 (en) * | 2017-06-06 | 2021-09-07 | Infosys Limited | Cryptographic mechanisms for software setup using token-based two-factor authentication |
US11336524B2 (en) * | 2017-10-04 | 2022-05-17 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US11108635B2 (en) * | 2017-10-04 | 2021-08-31 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US10742504B2 (en) * | 2017-10-04 | 2020-08-11 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US10320611B2 (en) * | 2017-10-04 | 2019-06-11 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US20220278898A1 (en) * | 2017-10-04 | 2022-09-01 | Servicenow, Inc. | Guided configuration item class creation in a remote network management platform |
US11627120B2 (en) * | 2017-11-01 | 2023-04-11 | Citrix Systems, Inc. | Dynamic crypto key management for mobility in a cloud environment |
US20210218722A1 (en) * | 2017-11-01 | 2021-07-15 | Citrix Systems, Inc. | Dynamic crypto key management for mobility in a cloud environment |
US11693929B2 (en) * | 2018-02-13 | 2023-07-04 | Sony Corporation | Electronic device, information processing apparatus, information processing method, and information processing system |
US20200394284A1 (en) * | 2018-02-13 | 2020-12-17 | Sony Corporation | Electronic device, information processing apparatus, information processing method, program, and information processing system |
US11379560B2 (en) * | 2019-03-18 | 2022-07-05 | ServiceNow Inc. | Systems and methods for license analysis |
US20210390645A1 (en) * | 2020-06-16 | 2021-12-16 | OSAAP America, LLC | Offline License Distribution Device |
US20230126059A1 (en) * | 2021-10-22 | 2023-04-27 | Sap Se | Development landscape build system |
US11861363B2 (en) * | 2021-10-22 | 2024-01-02 | Sap Se | Development landscape build system |
CN116451182A (en) * | 2023-04-27 | 2023-07-18 | 芯华章科技(深圳)有限公司 | Method, apparatus and storage medium for managing license |
Also Published As
Publication number | Publication date |
---|---|
US20090177740A1 (en) | 2009-07-09 |
US8069119B2 (en) | 2011-11-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8069119B2 (en) | System and method for software license management for concurrent license management and issuance | |
CA2874189C (en) | Cyber security analzer | |
US20070180490A1 (en) | System and method for policy management | |
Ellison et al. | Evaluating and mitigating software supply chain security risks | |
US20070198427A1 (en) | Computer service licensing management | |
US20070233538A1 (en) | Systems, methods, and apparatus to manage offshore software development | |
US20070198428A1 (en) | Purchasing of computer service access licenses | |
US20040088560A1 (en) | Secure system access | |
JP2005503596A (en) | Resource sharing system and method | |
US11216423B2 (en) | Granular analytics for software license management | |
EP3835978A1 (en) | Software license manager | |
US20070240223A1 (en) | Systems, methods, and apparatus to manage offshore software development | |
JP2005092649A (en) | Digital data installation system, digital data installation method, program, and recording medium with program recorded thereon | |
US11593463B2 (en) | Execution type software license management | |
Purba et al. | Assessing Privileged Access Management (PAM) using ISO 27001: 2013 Control | |
US20210182364A1 (en) | Software license manager security | |
Braithwaite | Securing e-business systems: A guide for managers and executives | |
US20220353267A1 (en) | Framework for automated operator access to infrastructure in a cloud service | |
Carruthers | Account Security | |
Julbe Moya | Information technology audit principles applied to risk assessment in the infrastructure layer | |
Scanlon | World Wide Web Application Security | |
Carlsson | Developing an efficient software protection and licensing scheme | |
Fitzgerald | Security and data integrity for LANs and WANs | |
Turnbull | Hardening the Basics | |
Buecker et al. | IBM Tivoli Security Compliance Manager |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |