Data processing: financial – business practice – management – or co – Business processing using cryptography – Usage protection of distributed data files
Reexamination Certificate
1997-10-30
2001-12-11
Decady, Albert (Department: 2132)
Data processing: financial, business practice, management, or co
Business processing using cryptography
Usage protection of distributed data files
C713S156000, C705S052000
Reexamination Certificate
active
06330549
ABSTRACT:
FIELD OF THE INVENTION
This invention relates to countermeasures for combating computer software “piracy” and, more particularly, to techniques for protecting executable computer programs (including informally distributed programs) against unauthorized use.
BACKGROUND OF THE INVENTION
The distribution of computer software fundamentally involves two parties: the software author or the author's successor in interest (i.e., the “supplier”) and a prospective end user. In a standard commercial transaction, the end user usually is motivated to acquire a legitimate right to use identified software in a particular computing environment on a satisfactory schedule, while the supplier generally is interested in receiving an acceptable return on the transaction. Various formalized distribution strategies, such as the use of retail outlets, direct sales, mail order distribution, etc., have been developed to resolve the competing interests of these parties, but many of the more popular distribution techniques tend to burden the distribution process with costs which add little, if any, value to the underlying software. For example, software suppliers frequently incur packaging and handling costs which add no substantive value to the software, but which add to the cost of delivering the software to the end users.
Furthermore, conventional commercial software distribution strategies too often fail to provide adequate protection against unauthorized use of the software. A few suppliers still “copy protect” their program offerings, but this practice has fallen into general disfavor because it restricts the ability of legitimate users to configure and backup their computing systems in accordance with their individual needs and preferences. Thus, some software suppliers have elected to forego the use of built in anti-piracy mechanisms all together, while others have adopted inconvenient countermeasures that are somewhat less objectionable to the user community. For example, some programs are designed to run only if the host computer has a program specific “dongle” on a designated port, other programs are designed to run only if the user correctly responds to a query which tends to verify the legitimacy of the user (such as a query requesting information from a specific page of the program documentation), and still other programs are designed to run only after they have been “personalized” with, say, a user name and/or address.
Computer “shareware” is distributed more informally and with less overhead cost than standard commercial software. The user-to-user distribution process that shareware tends to promote is at least arguably better aligned with the fundamental character of executable computer programs than the direct marketing/retail distribution model that now dominates the distribution of commercial software because an executable program essentially is intangible information which is represented by a pattern of binary “1's” and “0's.” Others have recognized the potential of shareware as a vehicle for distributing commercial software, but it has been difficult to capitalize in the commercial market on the efficiency and effectivity of this distribution model because there has been no easily implemented, built-in protection mechanism for enforcing the software suppliers' compensation expectations.
Mori et al., “Superdistribution: The Concept and Architecture,”
The Transactions of the IEICE,
Vol. E73, No. 7, July 1990, pp. 1133-1146 addresses this enforcement issue, but it suggests encrypting the software. Unfortunately, however, when an ordinary key encryption technique is employed for encrypting software which is subject to unrestricted distribution for use by any user, then the key for decrypting the software must necessarily also be available to any user. Mori et al., propose the use of stringent physical security measures for reducing the risk of divulging key contents to the users, but system security is questionable at best if a single common key must be available to all host computers on which the encrypted shareware might run. If, on the other hand, multiple keys are used, then multiple versions of the software must be created and distributed which is often a severe inconvenience. Also see, Mori et al., “Superdistribution: An Electronic Infrastructure for the Economy of the Future”,
Trans. of Information Proc. Soc. of Japan,
Vol. 38. No. 7, July 1997, pp 1465-1472.
Consequently, there still is a need for a cost effective response to the challenge of affording computer software suppliers adequate protection against unauthorized use of their executable computer program offerings when unrestricted distribution and installation of these programs is permitted (i.e., when a shareware distribution model is employed). For commercial applications, it would be desirable to have a system solution for automatically carrying out at least the basic elements of a commercial transaction, including communicating the supplier's asking price for program usage rights to the prospective user, registering the user's payment or promise to pay, and denying or revoking the user's usage rights if payment is not timely received. Furthermore, it would be advantageous for this solution to perform these functions even if the system resources which enforce the supplier's interests only have intermittent access to the host computer on which the user decides to run the shareware program.
SUMMARY OF THE INVENTION
To satisfy the foregoing goals, in accordance with this invention, the functionality of “protected shareware” is controlled by digitally signed messaging protocol. Protective code within the shareware controls the functionality of the shareware in response to authorization messages which are supplied directly or indirectly by the shareware supplier. These messages are digitally signed in whole or part by or on behalf of the shareware supplier using the supplier's secret signing key. The shareware, in turn, includes the public checking key for this digital signature of the supplier, thereby enabling the protective code to authenticate any such authorization message before acting in reliance upon it. The shareware includes an integrity self-checking routine which is run at appropriate times to ensure that shareware, including its protective code, is in an anticipated state. Typically this is equivalent to a finding that the code has not been altered, but it is conceivable that the code might be dynamically altered in some authorized (i.e., “anticipated”) way.
REFERENCES:
patent: 4446519 (1984-05-01), Thomas
patent: 4740890 (1988-04-01), William
patent: 4796220 (1989-01-01), Wolfe
patent: 4827508 (1989-05-01), Shear
patent: 4977594 (1990-12-01), Shear
patent: 5005200 (1991-04-01), Fischer
patent: 5010571 (1991-04-01), Katznelson
patent: 5050213 (1991-09-01), Shear
patent: 5222134 (1993-06-01), Waite et al.
patent: 5235642 (1993-08-01), Wobber et al.
patent: 5247575 (1993-09-01), Sprague et al.
patent: 5421006 (1995-05-01), Jablon et al.
patent: 5490216 (1996-02-01), Richardson, III
patent: 5553143 (1996-09-01), Ross et al.
patent: 5586186 (1996-12-01), Yuval et al.
patent: 5625690 (1997-04-01), Michel et al.
patent: 5708709 (1998-01-01), Rose
patent: 5745678 (1998-04-01), Herzberg et al.
patent: 5754761 (1998-05-01), Willsey
patent: 5982892 (1999-11-01), Hicks et al.
patent: 0 778 512 A2 (1997-06-01), None
patent: 0 803 789 A2 (1997-10-01), None
patent: WO 97/14085 (1997-04-01), None
European Search Report for Eurpean Patent Publication EP 0 913 757 A2, Dec. 21, 1999.
Mori, Ryoichi; Kawahara, Masaji. “Superdistribution: The Concept and the Architecture.”The Transactions fo the IEICE; vol. E 73; No. 7; Jul. 1990; pp. 1133-1146.
Mori, Ryoichi; Kawahara, Masaji. “Superdistribution: An Electronic Infrastructure for the Economy of the Future.”Transactions of Information Processing Society of Japan, vol. 38, No. 7, Jul. 1997, pp. 1465-1472.
De'cady Albert
Hoang Phuong-Quan
Kabakoff Steve
Webster Thomas M.
Xerox Corporation
LandOfFree
Protected shareware does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Protected shareware, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Protected shareware will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2586871