Protection of software by personalization, and an arrangement, method, and system therefor

US 20010051928A1
Filed: 04/05/2001
Published: 12/13/2001
Est. Priority Date: 04/21/2000
Status: Abandoned Application

First Claim

Patent Images

1. In an information stream associated with deliverable published software from a software publisher to a customer, an arrangement for software protection comprising a personalization, said personalization incorporated into the information stream by the software publisher and containing pre-existing personal information fundamentally related to the customer.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An arrangement, method, and system for personalizing published software according to the specific authorized user, and thereby offering protection against unauthorized copying and distribution by discouraging the authorized user from indiscriminately making and distributing unauthorized copies. The personalization is incorporated into the software build and is delivered to the authorized user with embedded pre-existing personal information, without requiring the user to input this information during setup or installation. Because the personal information has already been pre-incorporated into the deliverable published software upon receipt by the authorized user and does not require any manual entry by the user, it is feasible to employ strong cryptography using complex keys for authentication and other protective purposes. Moreover, because each delivery to an authorized user results from an individually-personalized software build, the executable modules of each distributed authorized copy of the software will have a unique binary form that can be made to vary significantly, including variations in the size of the executable module, while still having completely identical user functionality. This variation provides further protection to the software by eliminating the constant program address locations that are easy to analyze and attack with automated protection-disabling programs. Also disclosed are novel methods of utilizing an embedded strong personalization in Java applications and applets in combination with the use of signed Java archive files to afford additional protection to the software. Software protected according to the present invention may be distributed on physical media as well as via networks, but the invention is particularly well-suited to protecting software distributed via networks, such as the Internet, where prior-art protective measures are weak, clumsy, vulnerable to attack, or inapplicable.

181 Citations

28 Claims

1. In an information stream associated with deliverable published software from a software publisher to a customer, an arrangement for software protection comprising a personalization, said personalization incorporated into the information stream by the software publisher and containing pre-existing personal information fundamentally related to the customer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 2. The arrangement as in claim 1, wherein the deliverable published software is intended to execute on a plurality of computers, and wherein said personalization is not fundamentally related to any specific computer of the plurality.
  - 3. The arrangement as in claim 1, wherein the deliverable published software is intended to execute on a plurality of computers, each of the plurality of computers having a configuration, and wherein said personalization is not fundamentally related to any specific configuration.
  - 4. The arrangement as in claim 1, wherein the deliverable published software is intended to execute on computers belonging to a class of computer, and wherein the deliverable published software executes in substantially identical functional form on substantially all computers of the class of computer.
  - 5. The arrangement as in claim 1, wherein said personalization is not associated with, and does activate, any usage restriction on the deliverable published software.
  - 6. The arrangement as in claim 1, wherein said personalization does not have a fixed address within the information stream.
  - 7. The arrangement as in claim 1, wherein said personalization does not have a fixed extent within the information stream.
  - 8. The arrangement as in claim 1, wherein said personalization is authenticated.
  - 9. The arrangement as in claim 8, wherein said personalization is in an encrypted form within the information stream.
  - 10. The arrangement as in claim 1, wherein the information stream contains at least one executable module operative to displaying at least part of said personalization.
  - 11. The arrangement as in claim 1, wherein the information stream contains at least one executable module, and wherein said personalization is contained within said at least one executable module.
  - 12. The arrangement as in claim 1, further comprising a personalization validation module operative to validating a personalization.
  - 13. The arrangement as in claim 12, wherein said personalization verification module is further operative to validating an output file.
  - 14. The arrangement as in claim 12, wherein the information stream contains at least one executable module, and wherein said personalization verification module is further operative to validating said at least one executable module.
  - 15. The arrangement as in claim 12, wherein said personalization validation module is further operative, upon not detecting a valid personalization, to initiate an action included in the group containing:
    - (a) program termination;
      
      (b) operating the software in a demonstration mode; and
      
      (c) operating the software in a restricted mode.
  - 16. The arrangement as in claim 1, wherein the information stream contains at least one executable module having an authentication, and wherein said executable module executes in a secure computer environment operative to validating said authentication.
  - 17. The arrangement as in claim 1, wherein at least part of the deliverable published software is written in the Java language.
  - 18. The arrangement as in claim 17, wherein at least part of the deliverable published software is contained in a Java archive.
  - 19. The arrangement as in claim 18, wherein said Java archive is signed with an archive signature.
  - 20. The arrangement as in claim 16, wherein said secure computer environment is operative to executing Java software.
  - 21. The arrangement as in claim 12, wherein said personalization is in an encrypted form within the information stream, and wherein said personalization validation module is further operative to decrypting said encrypted form.
  - 22. The arrangement as in claim 21, wherein said encrypted form is according to a public key cryptosystem having a public key, and wherein said personalization validation module has access to said public key.
  - 23. The arrangement as in claim 1, wherein the information stream contains at least one executable module operative to writing an output file containing information derived from said personalization.

24. A method for protecting published software ordered by a customer, the method comprising the steps of:
- (a) obtaining pre-existing personal information fundamentally related to the customer;
  
  (b) producing, from said pre-existing personal information fundamentally related to the customer, a personal information module; and
  
  (c) producing an executable module deriving at least in part from said personal information module and incorporating said pre-existing personal information fundamentally related to the customer.
- View Dependent Claims (25, 26, 27)
- - 25. The method as in claim 24, further comprising the steps of:
    - (d) authenticating said personal information module; and
      
      (e) providing a personalization validation module, from which derives at least in part said executable module.
  - 26. The method as in claim 24, further comprising the steps of:
    - (d) incorporating said executable module within a Java archive; and
      
      (e) authenticating said Java archive with an archive signature.
  - 27. The method as in claim 25, further comprising the steps of:
    - (f) incorporating said executable module within a Java archive; and
      
      (g) authenticating said Java archive with an archive signature.

28. A system for protecting published software ordered by a customer, the system comprising:
- (a) a personal information collector for collecting pre-existing personal information fundamentally related to the customer;
  
  (b) a personalization compiler, for producing, from said pre-existing personal information fundamentally related to the customer, a personalization module; and
  
  (c) an executable module builder, for producing deliverable published software containing said pre-existing personal information fundamentally related to the customer and derived at least in part from said personalization module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Moshe Brody
Original Assignee
Moshe Brody
Inventors
Brody, Moshe

Application Number

US09/827,670
Publication Number

US 20010051928A1
Time in Patent Office

Days
Field of Search
US Class Current

705/52
CPC Class Codes

G06F 21/101 by binding digital rights t...

G06F 21/16 Program or content traceabi...

Protection of software by personalization, and an arrangement, method, and system therefor

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

181 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Protection of software by personalization, and an arrangement, method, and system therefor

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

181 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links