Controlling execution of a software application on an execution platform in a local network

US 10,120,986 B2
Filed: 06/16/2014
Issued: 11/06/2018
Est. Priority Date: 12/18/2013
Status: Active Grant

First Claim

Patent Images

1. Method for controlling an execution of a software application on an execution platform in a first local network, comprising:

a) determining a first environment fingerprint including a first network fingerprint of the first local network by using at least two devices relating to the first local network and predetermined rules, the first network fingerprint including a domain name relating to the first network or unique information stored in a directory relating to the first network, wherein said first network fingerprint is characteristic for the first local network and is operative to distinguish the first local network from other local networks,b) generating a license including said first environment fingerprint, wherein said license defines terms of allowed execution of the software application on an execution platform in the first local network, the license being locked to the first local network; and

c) whenever the execution of the software application is attempted, controlling the execution by;

determining a second environment fingerprint including a second network fingerprint of a candidate local network by using said predetermined rules,comparing the second environment fingerprint with the first environment fingerprint of the license,allowing the execution of the software application according to the terms of the license where the second environment fingerprint complies with the first environment fingerprint, andpreventing the execution of the software application where the second environment fingerprint does not comply with the first environment fingerprint;

wherein in step c) the compliance of the two environment fingerprints is considered as being present if a predetermined partial compliance of the two environment fingerprints is present.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for controlling an execution of a software application on an execution platform in a first local network comprises: determining a first environment fingerprint including a first network fingerprint characteristic for the first local network using predetermined rules; generating a license including the first environment fingerprint and defining terms of allowed execution of the software application; and controlling the execution by: determining a second environment fingerprint including a second network fingerprint of a local network in which an execution platform for the software application is included using the predetermined rules; comparing the second environment fingerprint with the first environment fingerprint of the license; allowing execution of the software application according to the terms of the license where the second environment fingerprint complies with the first environment fingerprint, and preventing the execution of the software application where the second environment fingerprint does not comply with the first environment fingerprint.

4 Citations

12 Claims

1. Method for controlling an execution of a software application on an execution platform in a first local network, comprising:
- a) determining a first environment fingerprint including a first network fingerprint of the first local network by using at least two devices relating to the first local network and predetermined rules, the first network fingerprint including a domain name relating to the first network or unique information stored in a directory relating to the first network, wherein said first network fingerprint is characteristic for the first local network and is operative to distinguish the first local network from other local networks,b) generating a license including said first environment fingerprint, wherein said license defines terms of allowed execution of the software application on an execution platform in the first local network, the license being locked to the first local network; and
  
  c) whenever the execution of the software application is attempted, controlling the execution by;
  
  determining a second environment fingerprint including a second network fingerprint of a candidate local network by using said predetermined rules,comparing the second environment fingerprint with the first environment fingerprint of the license,allowing the execution of the software application according to the terms of the license where the second environment fingerprint complies with the first environment fingerprint, andpreventing the execution of the software application where the second environment fingerprint does not comply with the first environment fingerprint;
  
  wherein in step c) the compliance of the two environment fingerprints is considered as being present if a predetermined partial compliance of the two environment fingerprints is present.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. Method according to claim 1, wherein the first environment fingerprint includes a unique feature relating to a virtual machine.
  - 3. Method according to claim 1, wherein the first network fingerprint includes at least one feature of the first local network which is already present and which is not generated by the method for controlling.
  - 4. Method according to claim 1, further comprising amending the first local network in order to create a unique feature of the first local network before carrying out step a), and wherein the network fingerprint includes information characteristic for said unique feature.
  - 5. Method according to claim 1, wherein the first network fingerprint includes at least two different features and wherein in step c) the compliance of the two environment fingerprints is considered as being present if at least one of the two features is the same in both network fingerprints.
  - 6. Method according to claim 1, wherein the license includes a predetermined compliance algorithm which carries out the step of comparing the two environment fingerprints in step c).
  - 7. Method according to claim 1, wherein the first network fingerprint includes at least two features and the method includes:
    - checking whether all features of the first network fingerprint are present; and
      
      where not all but only some features of the first network fingerprint are present, replacing at least one of the not present features by another feature of the first local network.
  - 8. Method according to claim 1, wherein the first network fingerprint is amended such that an additional feature characterizing the first local network is added to the first network fingerprint.
  - 9. Method according to claim 1, wherein the first environment fingerprint includes a first execution platform fingerprint which is characteristic for said execution platform in said first local network and which is determined in step a), wherein the second environment fingerprint includes a second execution platform fingerprint which is determined in step c), and wherein in step c) the two execution platform fingerprints are compared.
  - 10. Method according to claim 1, wherein allowing the execution of the software application according to the step c) comprises allowing the execution of the software application within a Virtual Machine.

11. Non-transitory computer readable storage medium, which comprises software code executable on a computer to cause the computer to carry out a method for controlling an execution of a software application on an execution platform in a first local network, comprising:
- a) determining a first environment fingerprint including a first network fingerprint of the first local network by using at least two devices relating to the first local network and predetermined rules, the first network fingerprint including a domain name relating to the first network or unique information stored in a directory or relating to the first network, wherein said first network fingerprint is characteristic for the first local network and is operative to distinguish the first local network from other local networks,b) generating a license including said first environment fingerprint, wherein said license defines terms of allowed execution of the software application on an execution platform in the first local network, the license being locked to the first local network;
  
  c) whenever the execution of the software application is attempted, controlling the execution bydetermining a second environment fingerprint including a second network fingerprint of a candidate local network by using said predetermined rules,comparing the second environment fingerprint with the first environment fingerprint of the license,allowing the execution of the software application according to the terms of the license where the second environment fingerprint complies with the first environment fingerprint, andpreventing the execution of the software application where the second environment fingerprint does not comply with the first environment fingerprint;
  
  wherein in step c) the compliance of the two environment fingerprints is considered as being present if a predetermined partial compliance of the two environment fingerprints is present.

12. Control system for controlling an execution of a software application on an execution platform in a first local network, comprising a computer hardware control module comprising logic operative to:
- a) determine a first environment fingerprint including a first network fingerprint of the first local network by using at least two devices relating to the first local network and predetermined rules, the first network fingerprint including a domain name relating to the first network or user credentials or unique information stored in a directory relating to the first network, said first network fingerprint being characteristic for the first local network and being usable to distinguish the first local network from other local networks,b) generate a license including said first environment fingerprint, said license defining terms of allowed execution of the software application on an execution platform in the first local network, the license being locked to the first local network; and
  
  c) whenever the execution of the software application is attempted, control the execution by;
  
  determining a second environment fingerprint including a second network fingerprint of the local network by using said predetermined rules,comparing the second environment fingerprint with the first environment fingerprint of the license, andallowing the execution of the software application according to the terms of the license in case of the second environment fingerprint complies with the first environment fingerprint, and preventing the execution of the software application in case of the second environment fingerprint does not comply with the first environment fingerprint;
  
  wherein in step c) the compliance of the two environment fingerprints is considered as being present if a predetermined partial compliance of the two environment fingerprints is present.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thales DIS CPL Deutschland GmbH (Thales SA)
Original Assignee
SFNT Germany GmbH (Thales SA)
Inventors
Lange, Andreas, Kumar, Pratyush, Zunke, Michael
Primary Examiner(s)
Armouche, Hadi S
Assistant Examiner(s)
Callahan, Paul E

Application Number

US14/305,771
Publication Number

US 20150169852A1
Time in Patent Office

1,604 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/121 Restricting unauthorised ex...

H04L 63/0876 based on the identity of th...

Controlling execution of a software application on an execution platform in a local network

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

4 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Controlling execution of a software application on an execution platform in a local network

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

4 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links