Method and system for delivery of secure software license information

US 20030149670A1
Filed: 02/05/2002
Published: 08/07/2003
Est. Priority Date: 02/05/2002
Status: Active Grant

First Claim

Patent Images

1. A method for the delivery of secure software license information to authorize use of a software product, the method comprising the steps of:

(a) associating with a software publisher a private and public key pair, wherein the software publisher provides the software product and includes a software program and an authorization program within the software product;

(b) associating a product private and public key with the software product, and including the product private key with the authorization program;

(c) upon invocation of the software product on a computer, (i) generating by the authorization program a license request containing user and product information, (ii) digitally signing the license request with the product private key, and (iii) transferring the signed license request to a key authority, (d) in response to the key authority receiving the signed license request, (i) generating a license using data extracted from the license request and license terms, (ii) signing the license with the publisher private key, and (iii) transmitting the signed license to the authorizing program; and

(e) validating the signed license using the publisher public key, and using the license terms to control the use of the software product.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for delivery of secure software license information to authorize the use of a software program is disclosed. The method and system comprises a computer system for executing the software program and the authorizing program, and a license server, connected to the computer system over a network. The method and system include associating a publisher certificate and a signed product key pair with the program to be authorized, generating a license request containing user and product information and signed by the private key from the product key pair, transmitting the license request to a license server, generating a license using data extracted from the license request and license terms, signing the license with the publisher private key associated with the publisher certificate, transmitting the license to the authorization program, validating the license using the publisher certificate, and using the license terms to control the use of the software program.

162 Citations

26 Claims

1. A method for the delivery of secure software license information to authorize use of a software product, the method comprising the steps of:
- (a) associating with a software publisher a private and public key pair, wherein the software publisher provides the software product and includes a software program and an authorization program within the software product;
  
  (b) associating a product private and public key with the software product, and including the product private key with the authorization program;
  
  (c) upon invocation of the software product on a computer, (i) generating by the authorization program a license request containing user and product information, (ii) digitally signing the license request with the product private key, and (iii) transferring the signed license request to a key authority, (d) in response to the key authority receiving the signed license request, (i) generating a license using data extracted from the license request and license terms, (ii) signing the license with the publisher private key, and (iii) transmitting the signed license to the authorizing program; and
  
  (e) validating the signed license using the publisher public key, and using the license terms to control the use of the software product.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 further including the step of providing the publisher public key as a certificate.
  - 3. The method of claim 2 further including the step of providing the product public key as a certificate.
  - 4. The method of claim 1 further including the step of providing the license in a data exchange format.
  - 5. The method of claim 4 further including the step of using XML as the data exchange format.
  - 6. The method of claim 1 further including the step of using the license returned from the key authority to deliver additional key information to the computer.
  - 7. The method of claim 1 wherein step (d) further includes the step validating the license request using digital certificates.
  - 8. The method of claim 1 wherein step (e) further included the step of validating the license response using digital certificates.
  - 9. The method of claim 1 wherein step (e) further included the step of validating the license using the product information in the license, including product ID and publisher ID.
  - 10. The method of claim 9 further including the step of transferring license terms to a separate security device for controlling the use of the software product.
  - 11. The method of claim 1 wherein step (e) further included the step of preventing use of the software product on a different computer than that used to generate the license request by using a machine fingerprint embedded in the license.

12. A method for the delivery of secure software license information to authorize use of a software product, the method comprising the steps of:
- (a) associating with a software publisher a private and public key pair, wherein the software publisher provides the software product and includes a software program and an authorization program within the software product;
  
  (b) associating a product private and public key with the software product, and including the product private key with the authorization program;
  
  (c) upon invocation of the software product on a computer, (i) generating by the authorization program a license request containing user and product information, (ii) encrypting the license request with the product private key, and (iii) transferring the encrypted license request to a key authority;
  
  (d) in response to the key authority receiving the encrypted license request, (i) decrypting the license request with the product public key (ii) generating a license using data extracted from the license request and license terms, (iii) encrypting the license with the publisher private key, and (iv) transmitting the encrypted license to the authorizing program; and
  
  (e) decrypting the license using the publisher public key, and using the license terms to control the use of the software product.
- View Dependent Claims (13, 14, 15)
- - 13. The method of claim 12 wherein step (e) further includes the step of verifying the license using the product information, including the product ID and publisher ID.
  - 14. The method of claim 13 further including the step of transferring the license terms to a separate security device for controlling the use of the software product.
  - 15. The method of claim 12 wherein step (e) further includes the step of preventing use of the software product on a different computer than that used to generate the license request by using a machine fingerprint embedded in the license.

16. A method for the delivery of secure software license information to authorize use of a software product, the method comprising the steps of:
- (a) associating with the software product to be authorized an authorization program and a set of certificates, including a publisher certificate, a product certificate, wherein each certificate contains a public key and is associated with a private key of a public/private key pair;
  
  (b) upon invocation of the software product on a computer, generating by the authorization program a formatted license request containing user and product information, signed using the private product key;
  
  (c) transmitting the license request to a key authority in conjunction with a financial transaction;
  
  (d) generating by the key authority a formatted license that includes license terms, and user and product information extracted from the license request, wherein the license is signed with the publisher private key associated with the publisher certificate;
  
  (e) transmitting the signed license to the authorizing program; and
  
  (f) validating by the authorization program the license using the publisher and certificate authority certificates and the user and product information contained within the license document, whereby the validation using the publisher and certificate authority certificates establish a trusted link back to the certificate authority and;
  
  (g) using the license terms to control the use of the software product on the computer.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23)
- - 17. The method of claim 16 further including the step of formatting the license request and license documents using the proposed signed XML standard definition.
  - 18. The method of claim 16 further including the step of signing the product certificate using the publisher'"'"'s private key, and signing the publisher certificate using the certificate authority'"'"'s private key, thus establishing a trusted link from the product certificate back to the certificate authority
  - 19. The method of claim 16 further including the step of signing the license request using the product private key, and including within the license request the product certificate.
  - 20. The method of claim 16 further including the step of including financial transaction information within the license request
  - 21. The method of claim 20 further including the step of including financial transaction information within the license response.
  - 22. The method of claim 16 wherein step (g) further includes the step of transferring the license terms to a separate security device for controlling the use of the software product.
  - 23. The method of claim 16 wherein step (g) further includes the step of preventing use of the software product on a different computer than that used to generate the license request by using a machine fingerprint embedded in the license.

24. A method for generating and validating a software license for a software product published by a software publisher for the purpose of authorizing use of the software product, the method comprising the steps of:
- (a) receiving, by the software publisher, a publisher certificate issued from a certificate authority , wherein the publisher certificate includes a publisher ID;
  
  (b) embedding the publisher ID within the software product to be authorized;
  
  (c) in response to receiving a license request to authorize use of the software product, signing by the software publisher the license for the software product using a private key associated with the publisher certificate, wherein the publisher certificate is included as part of the signature, such that the license for the software product can be validated by, by, (i) validating the publisher certificate using a certificate authority certificate, (ii) validating the signature and contents of the license based on the validated publisher certificate, and (iii) validating the software publisher who signed the license by comparing the publisher ID in the publisher certificate contained within the license with the publisher ID in the software product; and
  
  (d) using the validated license contents to control the use of the software product.
- View Dependent Claims (25, 26)
- - 25. The method of claim 24 further including the step of embedding a product ID within the software product and within the software license.
  - 26. The method of claim 25 further including the step of validating the license by comparing the product ID stored in the license with the product ID stored within the software product.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pace Anti-Piracy, Inc.
Original Assignee
Pace Anti-Piracy, Inc.
Inventors
Cronce, Paul A.

Granted Patent

US 7,747,531 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/59
CPC Class Codes

G06F 21/121 Restricting unauthorised ex...

Method and system for delivery of secure software license information

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

162 Citations

26 Claims

Specification

Use Cases

Quick Links

Others

Method and system for delivery of secure software license information

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

162 Citations

26 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others