Method and apparatus for remotely controlling and monitoring the use of computer software

US 5,388,211 A
Filed: 04/20/1993
Issued: 02/07/1995
Est. Priority Date: 04/28/1989
Status: Expired due to Fees

First Claim

Patent Images

1. A method of protecting the security of a computer program comprising the steps of:

selecting at least one portion of said computer program essential to the correct operation of the computer program, said computer program not operable without said portion;

encrypting said portion with a first encryption key utilized by an encryption means;

adding a decryption program to the operating system of a computer in which said computer program is to be run, said decryption program including a procedure for initiating the decryption of said portion of said computer program;

fetching the encrypted version of said portion of said computer program;

sending the encrypted version of said portion of said computer program to a decryption means associated with said computer in which said computer program is to be run;

decrypting said encrypted portion under the control of said decryption program to form a decrypted module, utilizing said first encryption key in said decryption means of said computer on which said computer program is to be run;

transferring said decrypted module from said decryption means to said computer for execution along with said computer program; and

deleting said decrypted module from said computer when execution of said computer program is complete, said decryption program initiating said deletion of said decrypted module.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Remote control of the use of computer data is described in a system for renting computer software which derives use and billing information, prevents unauthorized use, maintains integrity of the software and controls related intercomputer communications. A user at a target computer "downloads" programs or data, via a telephone line and remote control modules, from a host computer. Usage of the programs or data by the target computer or other accounting data are recorded and stored and, at predetermined times, the host computer "uploads" the usage data for processing. Other features include: (1) software and usage security for rental programs; (2) a polynomial generator/checker for generating block check characters for assuring integrity of data transmitted and received; (3) a voice-data switch for switching between data communication and normal telephone communication; and (4) an audio amplifier and speaker for monitoring of activity on the communication line during data transfers.

Citations

32 Claims

1. A method of protecting the security of a computer program comprising the steps of:
- selecting at least one portion of said computer program essential to the correct operation of the computer program, said computer program not operable without said portion;
  
  encrypting said portion with a first encryption key utilized by an encryption means;
  
  adding a decryption program to the operating system of a computer in which said computer program is to be run, said decryption program including a procedure for initiating the decryption of said portion of said computer program;
  
  fetching the encrypted version of said portion of said computer program;
  
  sending the encrypted version of said portion of said computer program to a decryption means associated with said computer in which said computer program is to be run;
  
  decrypting said encrypted portion under the control of said decryption program to form a decrypted module, utilizing said first encryption key in said decryption means of said computer on which said computer program is to be run;
  
  transferring said decrypted module from said decryption means to said computer for execution along with said computer program; and
  
  deleting said decrypted module from said computer when execution of said computer program is complete, said decryption program initiating said deletion of said decrypted module.
- View Dependent Claims (2, 3, 4, 5, 6, 8)
- - 2. The method of claim 1 including the further step of monitoring with monitoring means the elapsed usage time by said computer of said computer program, a real-time clock measuring the period of said usage for developing time accounting data, said decryption means including said monitoring means.
  - 3. The method of claim 2 further including the step of periodically monitoring the state of said decryption means and said monitoring means for determining if said decryption means and said monitoring means is coupled to said computer, said decryption program responsive to the occurrence of a periodic event in the execution of said computer program to initiate said periodic monitoring of said decryption means and said monitoring means.
  - 4. The method of claim 3 further including the step of erasing said computer program from said computer and preventing the executing of said computer program if said decryption means and said monitoring means are decoupled from said computer.
  - 5. The method of claim 1 including the further steps of:
    - encrypting said first encryption key with a second encryption key utilized in conjunction with said encryption means;
      
      said second encryption key incorporated in said decryption means associated with said computer in which said computer program is to be run; and
      
      transmitting said first encryption key to said decryption means in an encrypted format.
  - 6. The method of claim 1 further including the step of erasing said first encryption key if the integrity of said decryption means is lost.
  - 8. The method of claim 1 wherein said portion comprises a portion of an application program.

9. A method of providing computer programs to authorized users on a rental basis, said method comprising the steps of:
- storing in a host computer a plurality of computer programs available to be selected by authorized users at a target computer;
  
  establishing a telephone connection between said host computer and said target computer via a host remote control module and a target remote control module;
  
  selecting a computer program to be used on a rental basis at said target computer;
  
  selecting a key module of said selected computer program that is essential to the operation of said selected computer program, said selected computer program not operable without said key module;
  
  encrypting said key module in said host remote control module with a first encryption key;
  
  encrypting said first encryption key and transmitting said first encryption key to said target computer separately;
  
  downloading said selected computer program, including said encrypted key module, to said target remote control module along with an operating system modification routine;
  
  checking errors in said selected computer program and said operating system modification routine as received at said target remote controlmodule;
  
  retransmitting portions of said selected computer program and portions of said operating system modification routine if errors are detected;
  
  modifying the operating system of said target computer utilizing said operating system modification routine, said operating system modification routine including a procedure for initiating the decryption of said key module;
  
  disconnecting said telephone connection between said host computer and said target computer;
  
  decrypting said first decryption key at said target computer;
  
  fetching said encrypted key module of said computer program;
  
  sending said encrypted key module of said computer program to a decryption means associated with said target computer;
  
  decrypting said encrypted key module under the control of said operating system modification routine to form a decrypted key module, utilizing said first encryption key in said decryption means associated with said target computer;
  
  transferring said decrypted key module from said decryption means to said target computer for execution as part of said computer program; and
  
  deleting said decrypted key module from said target computer when execution of said computer program is complete, said operating system modification routine initiating said deletion of said decrypted key module.

10. Apparatus for remotely controlling and monitoring the use of computer programs comprising:
- a host computer having means for storage of a plurality of computer programs, and having communicating means for communicating simultaneously with a plurality of target computers for downloading said computer programs to said target computers and for monitoring the use of said computer programs by said target computers, said host computer remotely controlling said target computers to transmit at predetermined times data indicating elapsed time of use of downloaded computer programs;
  
  said communicating means including a telephone network, a host remote control module, and a target remote control module, said telephone network being accessible by a dial-up means at said host computer and by a dial-up means at said target computer;
  
  said target remote control module having a connection to a power source so that power to said target computer may be remotely controlled by said host computer;
  
  a telephone connected to said target remote control module and being usable for telephone communications when said telephone network is not in use;
  
  said target remote control module being provided with an audio amplifier and speaker for connection to said telephone network;
  
  said target remote control module being provided with means connected to said telephone network for switching between voice and data modes of communication capability;
  
  said host remote control module and said target remote control module including a microprocessor for control thereof, a program memory for storage of a program executed by said microprocessor in control of said remote control module, a read/write memory, a real time clock for enabling the remote control module to provide elapsed time of use of downloaded computer programs, a priority interrupt control circuit coupled to said microprocessor, a plurality of light emitting diodes for indicating status conditions within said remote control module, a modem for sending and receiving data over said telephone network;
  
  said host remote control module and said target remote control module including a data encryption/decryption module for permitting transmission of computer programs and billing information in encrypted form over said telephone network;
  
  said host remote control module and said target remote control module including a polynomial generator/checker that generates block check characters for each block of data transmitted over said telephone network to detect errors in transmission, said remote control modules including means for retransmission of data blocks upon detection of errors;
  
  said host remote control module and said target remote control module including means for automatically downloading computer programs from said host computer to said target computer over said telephone network during off-peak hours, and for uploading elapsed time of use of downloaded computer programs from said target computer to said host computer over said telephone network during off-peak hours; and
  
  said target remote control unit including security means for monitoring execution of downloaded computer programs and destroying a decryption key under predetermined conditions.

11. Apparatus for controlling and monitoring the use of a computer program comprising:
- a host computer having means for storage of computer programs, and having communicating means for communicating simultaneously with a plurality of target computers for downloading said computer programs to said target computers and for monitoring the use of said computer programs by said target computers, said host computer controlling said target computers to transmit at predetermined times data indicating elapsed time of use of downloaded computer programs;
  
  said communicating means including a host remote control module and a target remote control module;
  
  said target remote control module having a connection to a power source so that power to said target computer may be controlled by said host computer;
  
  said host remote control module and said target remote control module including a microprocessor for control thereof, a program memory for storage of a program executed by said microprocessor in control of said remote control module, a read/write memory, a real time clock for enabling the remote control module to provide elapsed time of use of downloaded computer programs, a priority interrupt control circuit coupled to said microprocessor, a modem for sending and receiving data over said communicating means;
  
  said host remote control module and said target remote control module including a data encryption/decryption module for permitting transmission of computer programs and billing information in encrypted form over said communicating means;
  
  said host remote control module and said target remote control module including a polynomial generator/checker that generates block check characters for each block of data transmitted over said communicating means to detect errors in transmission, said remote control modules including means for retransmission of data blocks upon detection of errors;
  
  said host remote control module and said target remote control module including means for automatically downloading computer programs from said host computer to said target computer over said communicating means during off-peak hours, and for uploading elapsed time of use of downloaded computer programs from said target computer to said host computer over said communicating means during off-peak hours; and
  
  said target remote control unit including security means for monitoring execution of downloaded computer programs and destroying a decryption key under predetermined conditions.

12. Apparatus for remotely controlling and monitoring the use of a computer program comprising:
- first and second computers, said first computer having means for storage of a plurality of computer programs, and having communicating means for communicating with said second computer for downloading said computer programs to said second computer and for monitoring the use of said computer programs by said second computer, said first computer remotely controlling said second computer to transmit at predetermined times data indicating elapsed time of use of said downloaded computer programs;
  
  said communicating means including a first transmitting and receiving means at said first computer, and a second transmitting and receiving means at said second computer;
  
  said first transmitting and receiving means and said second transmitting and receiving means including a microprocessor for control thereof, a program memory for storage of a program executed by said microprocessor, a read/write memory, a real time clock for enabling measurement of elapsed time of use of said downloaded computer programs, a priority interrupt control circuit coupled to said microprocessor, means for indicating status conditions of said communicating means, and a modem for sending and receiving data;
  
  said first transmitting and receiving means coupled to said first computer for transmitting a program and associated program information from said first computer and for receiving said data indicating elapsed time of use to be supplied to said first computer;
  
  said second transmitting and receiving means coupled to said first transmitting and receiving means and to said second computer for receiving the program and associated program information transmitted from said first transmitting and receiving means and for transmitting said data indicating elapsed time of use to said first transmitting and receiving means;
  
  encryption means coupled to said first computer and to said first transmitting and receiving means for encrypting at least one preselected portion of the program and associated program information to be transmitted from said first transmitting and receiving means to form an encrypted information module, said encryption means including a first encryption key for encrypting said encrypted information module, said preselected portion including at least one portion of a computer program essential to the correct execution thereof;
  
  decryption means coupled to said second transmitting and receiving means for decrypting said encrypted information module to form a decrypted information module, said decryption means including a copy of said first encryption key for decrypting said encrypted information module; and
  
  transfer means for transferring said decrypted information module to said second computer for execution by said second computer and for deleting said decrypted information module from said second computer when execution by said second computer of the received program and program information is entirely completed.
- View Dependent Claims (7, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 7. The method of claim 20 wherein said portion comprises at least one byte of data.
  - 13. Apparatus as in claim 12 further including monitoring means coupled to said transfer means for recording time accounting information from the time said decrypted information module is transferred to said second computer, until said decrypted information module is deleted from said second computer by said transfer means.
  - 14. Apparatus as in claim 13 further including:
    - memory means coupled to said monitoring means for storing said time accounting information, said second transmitting and receiving means being responsive to a command from said first computer for transmitting said time accounting information to said first computer,error detection means coupled to said first transmitting and receiving means for detecting the presence of an error in said time accounting information transmitted by said second transmitting and receiving means and for producing an error signal; and
      
      retransmission means coupled to said error detection means and responsive to said error signal for producing a signal representing a request for retransmission of said time accounting information, said second transmitting and receiving means responsive to said request for retransmission for retransmitting said time accounting information.
  - 15. Apparatus as in claim 14 further including activating means responsive to a first command from said first computer for activating said second computer.
  - 16. Apparatus as in claim 12 further including:
    - a second encryption key included in said encryption means for encrypting said first encryption key to form an encrypted first encryption key; and
      
      a copy of said second encryption key included in said decryption means for decrypting said encrypted first encryption key.
  - 17. Apparatus as in claim 12 wherein:
    - said decryption means in said second transmitting and receiving means comprises means for decrypting the encrypted information module in response to request of a user of said second computer to use the program and associated program information, said second transmitting and receiving means thereupon transmits the decrypted information module to said second computer.
  - 18. Apparatus as in claim 12 further including:
    - error detection means coupled to said second transmitting and receiving means for detecting the presence of an error in the program and associated program information transmitted by said first transmitting and receiving means and for producing an error signal; and
      
      retransmission means coupled to said error detection means and responsive to said error signal for producing a signal representing a request for retransmission of the program and associated program information transmitted by said first computer, said first transmission and receiving means being responsive to said request for retransmission for retransmitting the program and associated program information.
  - 19. Apparatus as in claim 12 wherein said first and second transmitting and receiving means are coupled to each other via a public communication network.
  - 20. Apparatus as in claim 19 wherein said first and second transmitting and receiving means each include connection means for connecting said first and second transmitting and receiving means, respectively, to said public communications means.
  - 21. Apparatus as in claim 20 further including a telephone coupled to said connection means associated with said second transmitting and receiving means, said connection means including means for connecting said telephone to said public communications network when said transmitting and receiving means is not receiving the program and associated program information and said transmitting means is not transmitting said time accounting information.
  - 22. Apparatus as in claim 12 wherein:
    - when said decrypted information module is transferred to said second computer, said decrypted information module is stored in memory means which prevents copying.

23. In a system having a central means for storage of a plurality of computer programs, and having communicating means for communicating with a computer for downloading said computer programs to said computer and for monitoring the use of said computer programs by said computer, said computer being controlled to transmit at predetermined times data indicating elapsed time of use of downloaded computer programs, a remote control device for controlling and monitoring the use of said downloaded computer programs that include encrypted portions in said computer, said remote control device comprising:
- a microprocessor for control thereof, a program memory for storage of a program executed by said microprocessor in control of said remote control device, a read/write memory, a real time clock for enabling said remote control device to provide elapsed time of use of said downloaded computer programs, a priority interrupt control circuit coupled to said microprocessor, means for indicating status conditions within said remote control device, and a modem for sending and receiving data;
  
  first coupling means coupling said remote control device to said computer for transferring preselected portions of said computer programs that include encrypted portions between said remote control device and said computer;
  
  monitoring means coupled to said first coupling means for monitoring usage of said computer programs in said computer and for developing time accounting data relative to said usage; and
  
  decryption means coupled to said first coupling means for decrypting preselected encrypted portions of said computer programs, said decryption means including a first encryption key for use by the decryption means in decrypting said preselected encrypted portions of said computer programs, said first coupling means transferring said preselected encrypted portions of said computer programs from said computer to said decryption means when said computer programs are loaded into said computer, said decryption means decrypting said preselected encrypted portions of said computer programs, said first coupling means transferring said decrypted preselected portions of said computer programs from said decryption means to said computer for execution, said monitoring means monitoring the usage of said computer programs from the point in time of the transfer of said decrypted preselected portions of said computer programs from said decryption means to said computer.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 24. A remote control device as in claim 23 further comprising:
    - second coupling means coupling said remote control device to a host computer via a communications link; and
      
      transmitting and receiving means coupled between said first and second coupling means and to said monitoring means for receiving preselected computer programs transmitted from said host computer for further transfer to said computer, said transmitting and receiving means responsive in conjunction with said monitoring means to a first command transmitted by said host computer to transmit said time accounting data relative to said usage from said monitoring means to said host computer.
  - 25. A remote control device as in claim 24 wherein said transmitting and receiving means comprises a modem and said communication link comprises a public telephone network.
  - 26. A remote control device as in claim 24 further comprising error detection means for detecting the presence of an error in blocks of said preselected computer programs transmitted from said host computer and for generating an error signal when an error is so detected.
  - 27. A remote control device as in claim 26 wherein said error detection means includes error correction means for generating error-correction signals to correct any errors so detected in said preselected computer programs.
  - 28. A remote control device as in claim 26 wherein said error detection means includes retransmission means responsive to said error-correction signals to generate a retransmission request signal, said host computer responsive to said retransmission request signal for retransmitting said blocks of computer programs containing errors.
  - 29. A remote control device as in claim 24 wherein said monitoring means includes real-time clock means for providing timing information and generating a signal for use in said remote control device.
  - 30. A remote control device as in claim 29 wherein said monitoring means further includes memory means for storing said time accounting data, said transmitting and receiving means responsive at preprogrammed times to said signal to transmit said time accounting data to said host computer.
  - 31. A remote control device as in claim 24 wherein said decryption means further includes a second encryption key for use by said decryption means in decrypting said first encryption key, said first encryption key transmitted from said host computer in an encrypted format.
  - 32. A remote control device as in claim 23 wherein said decryption means includes a second encryption key for use by said decryption means in decrypting said first encryption key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Softex Incorporated
Original Assignee
Softex Incorporated
Inventors
Hornbuckle, Gary D.
Primary Examiner(s)
Black, Thomas G.
Assistant Examiner(s)
Loomis, John C.

Application Number

US08/050,749
Time in Patent Office

658 Days
Field of Search

395/200, 395/325, 395/575, 395/600, 395/700, 380/3, 380/4, 380/25, 364/406
US Class Current

717/178
CPC Class Codes

G06F 11/10   Adding special bits or symb...

G06F 11/3409   for performance assessment

G06F 21/1077   Recurrent authorisation

G06F 21/109   by using specially-adapted ...

G06F 2201/865   Monitoring of software

G06F 2211/007   Encryption, En-/decode, En-...

G06F 2221/2135   Metering

G06Q 20/085   involving remote charge det...

G06Q 30/04   Billing or invoicing

G06Q 40/10   Tax strategies

G07F 17/0014   for vending, access and use...

G07F 17/16   for devices exhibiting adve...

Method and apparatus for remotely controlling and monitoring the use of computer software

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for remotely controlling and monitoring the use of computer software

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links