Coded data generation or conversion – Digital code to digital code converters – Adaptive coding
Reexamination Certificate
2000-04-25
2004-01-27
Williams, Howard L. (Department: 2819)
Coded data generation or conversion
Digital code to digital code converters
Adaptive coding
C341S087000
Reexamination Certificate
active
06683546
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to secure methods for distributing software and data objects, as well as to access-controlled software and data objects, and computer systems which practice or utilize any of the foregoing.
2. Description of the Prior Art
Commercial distribution of software and data (such as media files and reports) by data communication is a very rapidly growing form of commerce. It is both efficient and convenient as compared to traditional distribution methods.
Distribution of software and data on a “Try and Buy” basis permits the user to run or “demo” the product before committing to buy it. This assumes that the software licensor or media distributor somehow exercises control over the use of the product at least until the recipient buys the right to use it. The widespread availability of data communication, especially via the Internet, also emphasizes the need for the software licensor and other media distributors to exercise control over their products.
One technique for controlling access to executables involves “wrapping” the executable to be controlled within a second program, termed a “wrapper”. In effect, the executable to be controlled and the wrapper are joined into one executable, in which the wrapper is executed first and controls access to the wrapped executable.
However, conventional software protection systems based on wrapping are easily circumvented by class attacks which destroy the security otherwise afforded by a given type of wrapper. This is achieved through a modification of only a single part of the wrapper which is identical in all wrappers of that type. Generic unprotectors can easily be obtained via the Internet.
Another form of attack is the so-called “dump attack” in which the attacker waits for the wrapped application to be decompressed and or decrypted in memory, and then dumps it to a hard disk in its original, unprotected state. Programs to carry out dump attacks also are easily obtained via the Internet.
A widely used security device injects new code into an existing executable in order to control access to the latter. When the executable is run, a specially-designed DLL executable is loaded for controlling access to the existing executable. The presumed “security” afforded by this scheme is circumvented by eliminating the call to the DLL or by modifying the DLL itself.
It has been proposed to package the objects with executables which carry out such control functions.
A dedicated user program is required to decrypt, decompress, and format the data for display by a monitor, and/or audio reproduction device. Consequently, it is necessary to provide a different user program for each data format which may be encountered. For example, a different program is required to play an AVI file than is used to display a BMP or JPG file.
It would, therefore, be desirable to provide methods, software and computer systems which control access to data objects, but do not require different programs to display or present objects in various formats. It would also be desirable to provide methods, software and computer which control access to executables but which are not subject to class attacks or dump attacks.
SUMMARY OF THE INVENTION
As used in this application, the following terms shall have the indicated meanings:
Software: includes both data and programming instructions.
Package: any software to be stored, accessed, loaded, assembled, prepared for transmission or received as a unit.
Object: any software to be run, utilized, or displayed as a unit.
Feature: a “feature” of an object is any function, instruction, capability or information included therein, or controlled or enabled thereby.
Computer System: includes a single computer or multiple cooperating computers, and includes one or more PC's, mainframes, digital processors, workstation, DSP's or a computer network or networks, or a computer internetwork.
“Wrapping”: joining one executable with another executable in a package, one of the executables (termed the “Wrapper”) being executed first and controlling access to the other executable.
“Watermark”: includes information in software which either enables identification of an owner, licensee, distribute, or another having rights in or an obligation in connection with the software, or enables identification of a version or copy of the software. Usually, but not necessarily, the watermark is imperceptible and preferably is difficult to remove from the software.
“Padding Area”: a space within a software object or package which does not contain required code or data.
In accordance with an aspect of the present invention, a method of securely distributing software with limited usage rights is provided. The method comprises: supplying software for distribution to a user, the software including access control means for preventing at least some usage thereof on a computer system without the use of a first access control code; producing the first access control code based on selected information characteristic of the predetermined computer system; and supplying the first access control code to the predetermined computer system to enable the at least some usage of the software.
In accordance with another aspect of the present invention, an executable object is provided, comprising: a first code portion comprising first predetermined instructions; and a second code portion comprising loading instructions required for loading the first code portion in a memory of a computer system to be programmed thereby, the second code portion being operative to control the computer system to erase the loading instructions from memory upon loading the first code portion in memory.
In accordance with still another aspect of the invention, a software package is provided, comprising: a first executable object, and a wrapper for the first executable object, the wrapper being operative to erase predetermined software from the first executable object when it has been loaded in running format in memory.
In accordance with a further aspect of the present invention, a computer system is provided, comprising: a processor; a memory; an instruction input device; and an executable stored in the computer system, the executable having a first code portion comprising first predetermined instructions for execution by the processor, and a second code portion including loading instructions, the processor being operative upon receipt of a predetermined instruction from the instruction input device to load the second code portion in the memory, the processor being operative under the control of the loading instructions to load the first code portion in the memory and operative under the control of the second code portion to erase the loading instructions from the memory upon loading the first code portion in memory.
In accordance with yet another aspect of the present invention, a software package comprises: a first object providing a first set of a plurality of features; a second object providing a second set of a plurality of features including some, but less than all, of the features included in the first set; and an access control portion affording selective access to the first software object and/or the second software object.
In accordance with still another aspect of the present invention, a software package is provided comprising: a first executable object, and a wrapper for the first executable object, the first executable object being operative, while running to access a feature of the wrapper; the wrapper being operative to supply the feature to the first executable object when the feature is accessed thereby.
In accordance with yet another aspect of the invention, a software package is provided comprising: a first executable object, and a wrapper for the first executable object, the first executable object being operative to call a predetermined feature external thereto; the wrapper being operative upon a call of the predetermined feature by the first executable object to transfer program execution control to a
Glenn Michael A.
Glenn Patent Group
Trymedia Systems, Inc.
Williams Howard L.
LandOfFree
Methods for producing highly compressed software products does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Methods for producing highly compressed software products, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Methods for producing highly compressed software products will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3191282