System and method for authorizing software use

US 20050138387A1
Filed: 12/19/2003
Published: 06/23/2005
Est. Priority Date: 12/19/2003
Status: Abandoned Application

First Claim

Patent Images

1. A method for authorizing use of a software package distributed to a user, the method comprising:

issuing the user a smart card granting access to the software package; and

granting the user access rights to the software package by authenticating the smart card, wherein the smart card includes at least one software module missing from the software package and a list of allowed software functionality.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A software vendor freely distributes software to users and issues smart cards to be used with the software. The smart card includes at least one software module missing from the software package and a list of allowed functionality dictating the capabilities of the software package. A user authenticates, using, e.g., public key cryptography, the smart card, which authorizes the use of the software. Once authorized, the module missing from the software is reunited with the rest of the software package. The software can be used limited to the allowed functionality included with the card. If more or different functionality is needed, the user can purchase another card authorizing such additional functionality, and then transfer the new functionality to the old smart card.

Citations

38 Claims

1. A method for authorizing use of a software package distributed to a user, the method comprising:
- issuing the user a smart card granting access to the software package; and
  
  granting the user access rights to the software package by authenticating the smart card, wherein the smart card includes at least one software module missing from the software package and a list of allowed software functionality.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 2. The method according to claim 1, wherein the authenticating is performed using asymmetric cryptography.
  - 3. The method according to claim 2, wherein the asymmetric cryptography is public key cryptography.
  - 4. The method according to claim 3, wherein issuing a smart card comprises:
    - generating a public key and private key pair for the smart card;
      
      issuing a digital certificate for the smart card, including the smart card'"'"'s public key;
      
      digitally signing the smart card certificate to produce an encrypted digest;
      
      issuing a digital certificate for the vendor of the software package; and
      
      loading onto the smart card the public and private key pair, the smart card certificate, the encrypted digest, and the vendor'"'"'s certificate.
  - 5. The method according to claim 4, wherein digitally signing the smart card certificate comprises:
    - generating a digest of the smart card certificate using a hash function; and
      
      encrypting the digest using a private key of the vendor.
  - 6. The method according to claim 4, wherein authenticating the smart card comprises:
    - decrypting the encrypted digest to generate a first digest;
      
      generating a second digest by running a hash function on the smart card certificate; and
      
      comparing the first digest to the second digest, wherein if the first digest and the second digest are the same, the public key of the smart card certificate is authentic.
  - 7. The method according to claim 6, further comprising:
    - using the smart card certificate'"'"'s public key to send a challenge to the smart card; and
      
      decrypting the challenge using the smart card certificate'"'"'s private key.
  - 8. The method according to claim 1, wherein the authenticating is performed using biometrics.
  - 9. The method according to claim 8, wherein the biometrics includes scanning a user'"'"'s thumbprint or iris.
  - 10. The method according to claim 1, wherein the allowed software functionality comprises supporting at least one client.
  - 11. The method according to claim 1, wherein the allowed software functionality comprises supporting at least one of mirroring and replication.
  - 12. The method according to claim 1, further comprising operating the software package in accordance with the allowed software functionality included on the smart card.
  - 13. The method according to claim 1, further comprising operating the software package by incorporating from the smart card into the software the at least one software module missing from the software package to produce a complete and operative software package.
  - 14. The method according to claim 13, further comprising periodically checking the presence of the smart card in order to authorize continued operation of the software package.
  - 15. The method according to claim 1, further comprising changing the allowed software functionality by issuing a new smart card.
  - 16. The method according to claim 15, wherein the new smart card includes a list of additional allowed software functionality.
  - 17. The method according to claim 16, further comprising authenticating the smart card and the new smart card using public key cryptography.
  - 18. The method according to claim 17, further comprising retrieving the smart card certificate and storing it in a memory location.
  - 19. The method according to claim 18, further comprising:
    - authenticating the smart card certificate;
      
      placing into a package data representing the additional allowed software functionality;
      
      encrypting the package using the smart card'"'"'s public key;
      
      adding a timestamp to the encrypted package; and
      
      digitally signing the encrypted package to produce an encrypted digest.
  - 20. The method according to claim 19, further comprising:
    - removing the additional allowed software functionality from the new smart card and storing it in the memory location;
      
      retrieving the new smart card certificate and storing it in the memory location; and
      
      authenticating the new smart card certificate.
  - 21. The method according to claim 20, wherein authenticating the new smart card certificate comprises:
    - decrypting the encrypted package; and
      
      adding the additional allowed software functionality to the smart card.
  - 22. The method according to claim 1, wherein the software package is used on a computer network.

23. A system for authorizing use of a software package, comprising:
- a smart card having at least one software module missing from the software package and a list of allowed software functionality, wherein a user is granted access rights to the software package by authenticating the smart card.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 24. The system according to claim 23, wherein the authenticating is performed using asymmetric cryptography.
  - 25. The system according to claim 24, wherein the asymmetric cryptography is public key cryptography.
  - 26. The system according to claim 25, wherein the smart card further comprises a public key and private key pair generated for the smart card, a digital certificate for the smart card including the smart card'"'"'s public key, an encrypted digest of the smart card certificate, and a certificate for the vendor of the software package.
  - 27. The system according to claim 26, wherein the encrypted digest is generated by performing a one-way hash function on the smart card certificate to produce a digest, and the digest is encrypted using a private key of the vendor.
  - 28. The system according to claim 23, wherein the authenticating is performed using biometrics.
  - 29. The system according to claim 28, wherein the biometrics includes scanning a user'"'"'s thumbprint or iris.
  - 30. The system according to claim 23, wherein the allowed software functionality comprises supporting at least one client.
  - 31. The system according to claim 23, wherein the allowed software functionality comprises supporting at least one of mirroring and replication.
  - 32. The system according to claim 23, wherein the software package is operated in accordance with the allowed software functionality included on the smart card.
  - 33. The system according to claim 23, further comprising a new smart card having a list of additional allowed software functionality.
  - 34. The system according to claim 33, wherein the additional allowed software functionality is added to the smart card.

35. A smart card for authorizing use of a software package, comprising:
- at least one software module missing from the software package; and
  
  a list of allowed software functionality, wherein a user is granted access rights to the software package by authenticating the smart card.
- View Dependent Claims (36, 37, 38)
- - 36. The smart card according to claim 35, wherein the authenticating is performed using public key cryptography.
  - 37. The smart card according to claim 36, further comprising:
    - a public key and private key pair generated for the smart card;
      
      a digital certificate for the smart card including the smart card'"'"'s public key;
      
      an encrypted digest of the smart card certificate; and
      
      a certificate for the vendor of the software package.
  - 38. The smart card according to claim 37, wherein the encrypted digest is generated by performing a one-way hash function on the smart card certificate to produce a digest, and the digest is encrypted using a private key of the vendor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
FalconStor, Inc (Hale Capital Management LP)
Original Assignee
FalconStor, Inc (Hale Capital Management LP)
Inventors
Li, Xiaowei, Lam, Wai T.

Application Number

US10/741,182
Publication Number

US 20050138387A1
Time in Patent Office

Days
Field of Search
US Class Current

713/185
CPC Class Codes

G06F 21/123   by using dedicated hardware...

G06F 21/125   by manipulating the program...

H04L 9/3234   involving additional secure...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

System and method for authorizing software use

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for authorizing software use

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links