Method for monitoring software using encryption including digital signatures/certificates

US 20030110375A1
Filed: 02/04/2003
Published: 06/12/2003
Est. Priority Date: 06/04/1998
Status: Active Grant

First Claim

Patent Images

1. A method for reducing unauthorized use of computer software, the method comprising:

contacting a computer software representative to obtain an activation code to authorize continued operation of the computer software on a computer such that the computer software is useable without requiring continuous contact with the computer software representative;

collecting registration information from at least one of the computer software user and the computer upon contact with the computer software representative;

transferring an activation code from the computer software representative to at least one of the computer software, the computer software user, and the computer using a digital signature or certificate to resist modification of the activation code;

verifying authenticity of the digital signature or certificate before allowing the computer software to operate on the computer; and

repeating the steps of contacting, collecting, transferring, and verifying at predetermined periods.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for reducing unauthorized software use include generating a key based on computer-specific information of a computer on which the software is installed and using the key to encrypt an authorization code which enables use of the software on the computer. A representative maintains contact with the software user as a new authorization code from the representative is required after some period of use of the software. The representative encrypts the new password using the key and transfers the encrypted key to authorize use of the software for a next period of use. The encrypted password is a form of digital signature or certificate which is unique to a particular computer and limits use of the software to the particular computer. The key may be generated using various computer-specific information such as the motherboard/processor identification, the number of bad sectors or hard disk identification, and/or the amount of installed memory.

Citations

40 Claims

1. A method for reducing unauthorized use of computer software, the method comprising:
- contacting a computer software representative to obtain an activation code to authorize continued operation of the computer software on a computer such that the computer software is useable without requiring continuous contact with the computer software representative;
  
  collecting registration information from at least one of the computer software user and the computer upon contact with the computer software representative;
  
  transferring an activation code from the computer software representative to at least one of the computer software, the computer software user, and the computer using a digital signature or certificate to resist modification of the activation code;
  
  verifying authenticity of the digital signature or certificate before allowing the computer software to operate on the computer; and
  
  repeating the steps of contacting, collecting, transferring, and verifying at predetermined periods.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1 wherein:
    - the registration information is collected automatically.
  - 3. The method of claim 1 wherein:
    - the digital signature or certificate is at least partially based on the registration information.
  - 4. The method of claim 3 wherein:
    - the registration information includes computer-specific information, wherein the step of verifying authenticity of the digital signature or certificate includes verifying authenticity of the digital signature or certificate based on the computer-specific information.
  - 5. The method of claim 4 wherein:
    - the computer-specific information includes disk drive statistics.
  - 6. The method of claim 4 wherein:
    - the computer-specific information includes a computer component serial number.
  - 7. The method of claim 4 wherein:
    - the computer-specific information includes a network address.
  - 8. The method of claim 4 wherein:
    - the computer-specific information includes a network interface card (NIC) address.
  - 9. The method of claim 8 wherein:
    - the NIC address is a media access control (MAC) address.
  - 10. The method of claim 1 wherein the digital signature or certificate includes an expiration date, the method further comprising:
    - determining whether the digital signature or certificate has expired; and
      
      contacting the computer software representative to obtain a new digital signature or certificate for the activation code within a predetermined period of expiration.
  - 11. The method of claim 1 further comprising:
    - encrypting information transferred to and from the computer software representative using an encryption key based on computer-specific information.
  - 12. The method of claim 1 further comprising:
    - encrypting the computer software using at least some of the registration information; and
      
      downloading the encrypted computer software to the computer.
  - 13. The method of claim 1 wherein:
    - the step of collecting registration information is performed before the computer software is transferred to the computer software user.
  - 14. The method of claim 1 wherein:
    - the digital signature or certificate is generated using the registration information, the activation code, and the serial number of the computer software.
  - 15. The method of claim 1 wherein:
    - the predetermined periods are based on the value of the computer software.

16. A method for reducing unauthorized use of computer software by limiting use of the computer software to a specific computer, the method comprising:
- automatically collecting computer-specific information from the computer and transferring the collected computer-specific information to a computer software agent;
  
  encrypting digital information at least partially using the computer-specific information;
  
  receiving the encrypted digital information from the computer software agent;
  
  allowing the computer software to operate on the computer during an authorization period only if the digital information can be decrypted by the computer using the computer-specific information; and
  
  repeating the steps of automatically collecting, encrypting, receiving, and allowing at predetermined periods.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 24, 25)
- - 17. The method of claim 16 wherein:
    - the digital information includes information regarding the computer software.
  - 18. The method of claim 16 further comprising:
    - verifying authenticity of the digital information using a digital certificate.
  - 19. The method of claim 16 further comprising:
    - verifying authenticity of the digital information using a digital signature.
  - 20. The method of claim 16 wherein:
    - the computer-specific information includes a network interface card (NIC) address.
  - 21. The method of claim 20 wherein:
    - the NIC address is a media access control (MAC) address.
  - 22. The method of claim 16 wherein:
    - the digital information includes information regarding the authorization period.
  - 24. The method of claim 16 wherein:
    - the authorization period is based on a calendar.
  - 25. The method of claim 24 further comprising:
    - obtaining the current date from the computer software agent; and
      
      determining whether to allow the computer software to operate on the computer based on the current date and the authorization period.

23. The method of 16 wherein:
- the authorization period is based on elapsed running time of the computer software.

26. A method for providing periodic contact with a computer software user to repeatedly transfer information to the computer software user, the method comprising:
- contacting a computer software agent to obtain an activation code to authorize continued operation of computer software on a computer such that the computer software is useable without requiring continuous contact with the computer software agent;
  
  receiving registration material from at least one of the computer software user and the computer upon contact with the computer software agent;
  
  encrypting at least a portion of information to be transferred to the computer software user based on the registration material;
  
  transferring the information to the computer software user using a digital signature, a digital certificate, or a digital wrapper; and
  
  repeating the steps of contacting, receiving, encrypting, and transferring at predetermined periods.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 27. The method of claim 26 wherein:
    - the registration material is received automatically from the computer.
  - 28. The method of claim 26 wherein:
    - the information transferred to the computer software user includes the activation code.
  - 29. The method of claim 26 wherein the registration material includes computer-specific information, the method further comprising:
    - verifying authenticity of the digital signature, the digital certificate, or the digital wrapper based on the computer-specific information.
  - 30. The method of claim 29 wherein:
    - the computer-specific information includes disk drive statistics.
  - 31. The method of claim 29 wherein:
    - the computer-specific information includes a computer component serial number.
  - 32. The method of claim 29 wherein:
    - the computer-specific information includes a network address.
  - 33. The method of claim 29 wherein:
    - the computer-specific information includes a network interface card (NIC) address.
  - 34. The method of claim 33 wherein:
    - the NIC address is a media access control (MAC) address.
  - 35. The method of claim 26 wherein the digital signature, the digital certificate, or the digital wrapper includes an expiration date, the method further comprising:
    - determining whether the digital signature, the digital certificate, or the digital wrapper has expired; and
      
      contacting the computer software agent to obtain a new digital signature, a new digital certificate, or a new digital wrapper for the information.
  - 36. The method of claim 26 further comprising:
    - encrypting the registration material to be received from the computer software user or the computer upon contact with the computer software agent using an encryption key based on computer-specific information.
  - 37. The method of claim 26 further comprising:
    - encrypting the computer software using at least some of the registration material; and
      
      downloading the encrypted computer software to the computer.
  - 38. The method of claim 26 wherein:
    - the step of receiving registration information is performed before the computer software is transferred to the computer software user.
  - 39. The method of claim 26 wherein:
    - the digital signature, the digital certificate, or the digital wrapper is generated using the registration material, the activation code, and the computer software.
  - 40. The method of claim 26 wherein:
    - the predetermined periods are based on the value of the computer software.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
z4 Technologies Incorporated
Original Assignee
z4 Technologies Incorporated
Inventors
Colvin, David S.

Granted Patent

US 6,986,063 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/156
CPC Class Codes

G06F 21/121 Restricting unauthorised ex...

Method for monitoring software using encryption including digital signatures/certificates

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

40 Claims

Specification

Solutions

Use Cases

Quick Links

Method for monitoring software using encryption including digital signatures/certificates

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

40 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links