Software fingerprinting and branding

US 6,000,030 A
Filed: 06/20/1996
Issued: 12/07/1999
Est. Priority Date: 06/20/1996
Status: Expired due to Term

First Claim

Patent Images

1. A method of controlling the distribution of computer software products stored at a file server to target computers comprising the steps ofrequesting the identity of a user and the user'"'"'s first secret key to enable access to requested program product,encoding the requested program product, if the user identity and the secret key match corresponding entries in a file server, using a second key known to the user, andembedding in said encoded program an identification of said user.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for controlling the distribution of computer software products stored at a file server provide for requesting the identity of the user and the user'"'"'s secret key prior to enabling access to a requested program product. The program product, upon proper verification of the user identify, is encoded using a second key which is known to the user, and preferably an identification of the user is embedded in the encoding program. Various methods are employed for tracking user access to particular programs, including storing the identify of the user either camouflaged in a commonly found program in non-volatile memory or hidden in a typically overlooked portion of non-volatile memory. In addition, the encoded program can have embedded therein one, and preferably two identifications of the user which can be used to track the program as well as to ensure that the program, when executed has not been tampered with. Upon execution of the encoded program by the user'"'"'s system, the code is executed "on the fly" and no executable copy of the code is stored in non-volatile memory at any time. In the event that decoding does not result in a properly executable program, the system may need to be rebooted and/or the program may be at least partially destroyed.

116 Citations

24 Claims

1. A method of controlling the distribution of computer software products stored at a file server to target computers comprising the steps ofrequesting the identity of a user and the user'"'"'s first secret key to enable access to requested program product,encoding the requested program product, if the user identity and the secret key match corresponding entries in a file server, using a second key known to the user, andembedding in said encoded program an identification of said user.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 further comprising the steps of storing at said file server, written in a camouflaged manner in a program on a disk memory, an identification of the user accessing said requesting program.
  - 3. The method of claim 2 further comprising the step ofstoring in non-volatile, non-disk memory, at the file server, an identification of the user accessing said requested program.
  - 4. The method of claim 1 wherein said embedding step further comprises the step ofembedding at least two identifications of said user in said encoded program, at least one identification being difficult to find and at least one identification being easy to find.
  - 5. The method of claim 4 further comprising the steps ofencoding the requested program with a CRC for determining whether any of the embedded user identifications has been changed after encoding, anddisabling at least portions of the encoded program when a CRC check calculation fails during program execution.
  - 6. The method of claim 1 further comprising the steps ofdecoding said program upon receipt of the second key from the user, andexecuting said decoded program.
  - 7. The method of claim 6 wherein said decoding and executing steps operate without storing a copy of said decoded program in non-volatile memory.
  - 8. The method claim 1 further comprising the steps ofdecoding said program using a decoding key provided by a user, andexecuting said decoded program in a normal operating fashion when said decoding key corresponds to the second key, and in a program destruct fashion when said decoding key does not correspond to said second key.
  - 9. The method of claim 8 wherein said executing step, operating in a program destruct fashion, comprises the step ofrendering at least portions of said encoded program unexecutable.
  - 10. The method of claim 8 wherein said executing step, operating in said program destruct fashion, comprises the step ofdisabling the computer system attempting to execute said program, thereby requiring said system to at least be rebooted.
  - 11. The method of claim 1 wherein said encoding step is further dependent upon a third key derived from the address on hard disk at which the encoded program is stored.

12. A method of controlling the distribution of computer software products stored at a file server and delivered upon a request from a user over a network to a target client comprising the steps ofreceiving from a user a request to deliver a computer program over said network,requesting the identity of said user and the user'"'"'s secret key before enabling access to the requested computer programverifying the identity of the user, using the user'"'"'s secret key,encoding the requested program using at least an encoding key known to the user,embedding in the encoded program at least one identification of the user, anddelivering the encoded program over the network to the user.

13. Apparatus for controlling the distribution of computer software products stored at a file server to target computers comprisingmeans for requesting the identity of a user and the user'"'"'s first secret key to enable access to requested program product,means for encoding the requested program product, if the user identity and the secret key match corresponding entries in a file server using a second key known to the user, andmeans for embedding in said encoded program an identification of said user.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 14. The apparatus of claim 13 further comprisingmeans for storing at said file server, written in a camouflaged program on a disk memory, an identification of the user accessing said requesting program.
  - 15. The apparatus of claim 14 further comprisingmeans for storing in non-volatile, non-disk memory, at the file server, an identification of the user accessing said requested program.
  - 16. The apparatus of claim 13 wherein said embedding means further comprisesmeans for embedding at least two identifications of said user in said encoded program, at least one identification being difficult to find and at least one identification being easy to find.
  - 17. The apparatus of claim 16 further comprisingmeans for encoding the requested program with a CRC for determining whether any of the embedded user identifications has been changed after encoding, andmeans for disabling at least portions of the encoded program when a CRC check calculation fails during program execution.
  - 18. The apparatus of claim 13 further comprisingmeans for decoding said program upon receipt of the second key from the user, andexecuting said decoded program.
  - 19. The apparatus of claim 18 wherein said decoding and executing means operate without storing a copy of said decoded program in non-volatile memory.
  - 20. The apparatus of claim 13 further comprisingmeans for decoding said program using a decoding key provided by a user, andmeans for executing said decoded program in a normal operating fashion when said decoding key corresponds to the second key, and in a program destruct fashion when said decoding key does not correspond to said second key.
  - 21. The apparatus of claim 20 wherein said executing means, operating in a program destruct fashion, comprisesmeans for rendering at least portions of said encoded program unexecutable.
  - 22. The apparatus of claim 20 wherein said executing means, operating in said program destruct fashion, comprisesmeans for disabling the computer system attempting to execute said program, thereby requiring said system to at least be rebooted.
  - 23. The apparatus of claim 13 wherein said encoding means is further dependent upon a third key derived from the address on hard disk at which the encoded program is stored.

24. Apparatus for controlling the distribution of computer software products stored at a file server and delivered upon a request from a user over a network to a target client comprisingmeans for receiving from a user a request to deliver a computer program over said network,means for requesting the identity of said user and the user'"'"'s secret key before enabling access to the requested computer programmeans for verifying the identity of the user, using the user'"'"'s secret key,means for encoding the requested program using at least an encoding key known to the user,means for embedding in the encoded program at least one identification of the user, andmeans for delivering the encoded program over the network to the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Gordon, Scott B., Steinberg, Henry L.
Primary Examiner(s)
Grant, William
Assistant Examiner(s)
GARLAND, STEVEN R

Application Number

US08/667,337
Time in Patent Office

1,265 Days
Field of Search

364/200, 364/479.07, 380/4, 380/23, 380/25, 395/186, 395/187.01, 395/188.01, 707/9, 711/151, 711/152, 711/163, 711/164, 713/200, 713/201, 713/202
US Class Current

726/28
CPC Class Codes

B82Y 30/00 Nanotechnology for material...

G06F 21/10 Protecting distributed prog...

Software fingerprinting and branding

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

116 Citations

24 Claims

Specification

Use Cases

Quick Links

Others

Software fingerprinting and branding

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

116 Citations

24 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others