Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-07-14
2004-04-13
Hua, Ly V. (Department: 2131)
C713S152000, C713S164000, C713S193000, C705S056000
active
06721889
ABSTRACT:
BACKGROUND
The invention relates to a device for protecting an electronic apparatus, an installation, a system or the like against the use of functions that can be executed via lockable programs or program parts which device can be connected with the apparatus to be protected, an installation, a system or the like via an interface, whereas the protective device is assigned an identification number and contains a preferably non-erasable memory, for example, an EEPROM, for the storing of at least one activation code which activation code can be compared to the identification number, and a read-protected program memory for the storing of at least one release program is provided which release program upon agreement of the activation code with the identification number of the protective device is carried out.
Devices of this type, which are also called dongles, security devices, hardlocks, etc., serve for the protection of the individual functions of the computer software which are executed by programs or program parts. The software protection known so far is based on software and hardware solutions or on a combination of these.
Purely software solutions are typical for professional computer systems which are assigned an individual identification number, the Node-ID, appearing only once worldwide. The protected program runs only if for every query code an appropriate answer code has been stored in the system. Prior to the execution of the program or program part, the device software calculates, from the machine identification number, a primary key value which is compared with a second primary key value calculated from the answer code. If these fit to one another, the program proceeds. Even just a part of the program code can be encoded which has to, first, be formed with a cipher key and then decoded from the answer code and the serial number.
The advantages of such a software solution lie in its user-friendly maintenance, since the storage of the answer code in the system occurs very rapidly automatically via, for example, modem or manually on the keyboard, or by transferring the code on the telephone, by fax, or orally to a service personnel who then enters it. Furthermore, it is advantageous that, for various program functions, also various codes are possible. No additional costs are incurred for every protected program and relatively high security is afforded.
The disadvantages of such a software solution exist in the fact that a change to another system with another identification number from the licensee cannot be performed. Further, the system to be protected requires an unmistakable identification number which, however, is not always available and thus the system is non-secure.
As the second large area of known realization of software protection, hardware solutions that are typically employed in the PC area are considered. A device (“dongle”) connected to a computer interface answers to a query code with an answer code. Instead of simple answer codes, a coded part of the program can be decoded using this dongle or calculations of program algorithms can be transferred into the dongle. The advantages of the hardware solutions exist in the fact that the protection in the form of the dongle can be transferred from system to system which is important in an exchange of systems in the case of a defect or a generation upgrade. No identification number within the system is necessary.
A disadvantage of such a hardware solution exists, however, in the fact that normally only protection for one program or program part is obtainable for each dongle. Individual program parts cannot, or only with much effort, be newly licensed. Furthermore, this requires its own interface and also derives its power supply from the same.
The U.S. Pat. No. 5,222,133 discloses a protective device in which, for each attached program part, an answer code is stored in the read-only memory of the system to be protected, from where it can be called upon using a correct activation code.
SUMMARY
It is the object of the invention to specify a device of the type mentioned at the outset, which device offers protection against the unauthorized operation of a plurality of locked functions, without having to provide parts needed exclusively therefor in the apparatus to be protected.
It is a further object of the invention to make possible a change in the functions to be released which, without having to return the installation to be protected or the protective device to the licensor, can also be performed over long distances.
According to the invention, this is achieved in that the read-protected program memory for the storing of at least one release program is provided together with the memory for the storing of at least one activation code in the protective device.
In so doing, not only the identification number is contained in the protective device according to the invention, but it also contains the memory for the release program for the individual functions of the apparatus to be protected.
In this way, a protection against the unauthorized release of programs or program parts is made possible without having to re-calculate the activation code upon exchange of the apparatus or the installation to be protected. Based on the instructions of the program memory in the protective device, it is not needed in the installation to be protected. Various protection mechanisms can be chosen for the individual programs or program parts, as long as the appropriate algorithms fit into the program memory of the protective device according to the invention. These can then be turned on or off individually. Should the apparatus to be protected become defective, a replacement system with the protective device according to the invention can continue to operate at any time. The protective device according to the invention can already be pre-configured to the desired specifications of the user at the system manufacturer or the software supplier.
According to another variation of the invention, it can be provided that, in the read-protected program memory, a plurality of release programs and, in the activation code memory, the activation codes corresponding to the release programs are stored, which release programs are selected separately from one another.
In that way, protection mechanisms for a plurality of programs or program parts can be chosen in various forms independently from one another.
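As an added illustration (not part of the patent text), the following Python model shows a protective device that carries its own identification number, activation-code memory and release programs, so that each function is unlocked separately and the license follows the device rather than the host. The patent only states that the activation code is compared with the identification number; the HMAC-SHA-256 derivation, the `VENDOR_KEY` secret and the function names `fax` and `conference` are assumptions made for this example.

```python
import hashlib
import hmac

# Assumption: a licensor secret also held in the device's read-protected memory.
VENDOR_KEY = b"constructed-demo-key"


def activation_code(device_id: str, function: str) -> str:
    """Licensor side: derive the code that unlocks one function on one device."""
    msg = f"{device_id}:{function}".encode()
    return hmac.new(VENDOR_KEY, msg, hashlib.sha256).hexdigest()[:16]


class ProtectiveDevice:
    def __init__(self, device_id, release_programs):
        self.device_id = device_id               # identification number
        self._programs = dict(release_programs)  # read-protected program memory
        self._codes = {}                         # activation-code memory (EEPROM)

    def store_activation_code(self, function, code):
        self._codes[function] = code             # keyboard, modem or separate input device

    def release(self, function, *args):
        """Run the release program only if the stored code agrees with this ID."""
        expected = activation_code(self.device_id, function)
        stored = self._codes.get(function, "")
        if not hmac.compare_digest(stored, expected):  # constant-time compare
            raise PermissionError(f"{function} is locked on {self.device_id}")
        return self._programs[function](*args)


def is_released(device, function):
    try:
        device.release(function)
        return True
    except PermissionError:
        return False


def demo():
    programs = {"fax": lambda: "fax on", "conference": lambda: "conference on"}
    dongle = ProtectiveDevice("ID-0001", programs)
    dongle.store_activation_code("fax", activation_code("ID-0001", "fax"))
    # A code issued for a different device must not unlock this one.
    dongle.store_activation_code("conference", activation_code("ID-0002", "conference"))
    before = (is_released(dongle, "fax"), is_released(dongle, "conference"))
    dongle.store_activation_code("conference", activation_code("ID-0001", "conference"))
    after = (is_released(dongle, "fax"), is_released(dongle, "conference"))
    return before, after
```

Because the check depends only on the device's own identification number, plugging the same device into a replacement apparatus needs no new activation code, and licensing a further function later needs only a new code entry.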
According to another characteristic of the invention, the read-protected program memory can be provided along with a microprocessor in a protective device.
In that way, all communications or re-coding and comparison processes can be processed centrally in a simple manner.
In a further elaboration of the invention, it can be provided that at least one part of the release programs can be activated via an input device separate from the apparatus to be protected and connected with the protective device.
If, on the apparatus to be protected, there is no input system for the activation of further release programs, then the activation codes of the protective device according to the invention can be changed, in this way, on this separate input system accordingly.
According to another variation of the invention, it can be provided that the protective device can be connected via a plug to the apparatus, installation, system or the like to be protected.
In so doing, the authorization obtained through the protective device for the operating of the particular program also for other apparatuses, installations, for example, for an installation of a next generation can be replaced with such a plug connection.
In a further elaboration of the invention, it can be provided that the power supply of the protective device is provided from the parallel interface.
In that way, the protective device can be operated without its own power supply arrangement.
A further object of the invention can consist in specifying a method for the release of a locked program or program part with the use of a protective device according to the invention.
This can be achieved in a way in which, in a
Jaegtnes Leif Ingemar
Zimmermann Gerhard
Ericsson Enterprise GmbH
Hua Ly V.