Authentication and verification for use of software
Abstract
A computer system comprises a security computer having a security database and at least one workstation computer on which software is accessible for execution. The database includes security values that the workstation computers use to verify whether their copy of software is authentic (i.e., unmodified such as might occur from action of a virus). The database can also be used to verify whether the software can be run on a particular workstation computer.
31 Claims
1. A method of authenticating software, comprising:
(a) selecting software to run on a computer;
(b) computing a first hash of a copy of object code associated with the software;
(c) retrieving a first encrypted security value, said first encrypted security value being an encrypted hash of another copy of object code associated with the software;
(d) decrypting the first encrypted security value to produce a first security value;
(e) comparing the first hash from (b) to the first security value from (d);
(f) computing a second hash of a combination of the first hash and the copy of the object code from (b);
(g) retrieving a second encrypted security value, said second encrypted security value being an encrypted hash of a combination of the first security value and said another copy of the object code;
(h) decrypting the second encrypted security value to produce a second security value; and
(i) comparing the second hash to the second security value.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A computer system, comprising:
a security computer on which a security database is stored;
at least one workstation computer coupled to a network administrator computer via a communication link;
software accessible to said workstation computer for execution thereon; and
wherein said security database includes an entry for software that can be executed on the workstation computer, said entry including:
an encrypted first hash of object code associated with the software that is used by said workstation computer to verify the authenticity of the software when the software is selected to be executed; and
an encrypted second hash of a combination of the first hash and the object code, the workstation computer uses the encrypted second hash to determine whether the software is authorized to run on the workstation computer.
Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25, 26
27. A method of authenticating software, comprising:
(a) selecting software to run on a computer;
(b) computing a first hash of a value uniquely associated with the software;
(c) retrieving a first encrypted security value, said first encrypted security value being an encrypted hash of a value uniquely associated with another copy of the software;
(d) decrypting the first encrypted security value to produce a first security value;
(e) comparing the first hash from (b) to the first security value from (d);
(f) computing a second hash of a combination of the first hash and the value uniquely associated with the software from (b);
(g) retrieving a second encrypted security value, said second encrypted security value being an encrypted hash of a combination of the first security value and the value uniquely associated with said another copy of the software;
(h) decrypting the second encrypted security value to produce a second security value; and
(i) comparing the second hash to the second security value.
Dependent claims: 28
29. A computer system, comprising:
a security computer on which a security database is stored;
at least one workstation computer coupled to a network administrator computer via a communication link;
software accessible to said workstation computer for execution thereon; and
wherein said security database includes an entry for software that can be executed on the workstation computer, said entry including:
an encrypted first hash of a value uniquely associated with the software that is used by said workstation computer to verify the authenticity of the software when the software is selected to be executed; and
an encrypted second hash of a combination of the first hash and the value uniquely associated with the software, the workstation computer uses the encrypted second hash to determine whether the software is authorized to run on the workstation computer.
Dependent claims: 30
31. A method of authenticating software, comprising:
(a) computing a first hash of a copy of object code associated with the software;
(b) retrieving a first encrypted security value, said first encrypted security value being an encrypted hash using a private key associated with the software manufacturer of another copy of object code associated with the software;
(c) decrypting the first encrypted security value to produce a first security value, said decrypting including using a public key associated with the manufacturer of the software;
(d) comparing the first hash from (a) to the first security value from (c);
(e) computing a second hash of the combination of the first hash from (a) and the object code associated with the software;
(f) retrieving a second encrypted security value, said second encrypted security value being an encrypted hash of the combination of the first security value and the object code using a private key associated with a network administrator;
(g) decrypting the second encrypted security value to produce a second security value using a public key associated with the network administrator; and
(h) comparing the second hash to the second security value.
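
The two-stage check of claim 31, written out as an added example that is not part of the patent text: the workstation first checks the manufacturer's value against its own copy, then the administrator's value. Assumptions not stated in the claims: SHA-256 as the hash, concatenation as the "combination", and unpadded textbook RSA on constructed toy keys; all function and variable names are hypothetical.

```python
import hashlib

E = 65537  # public exponent for both constructed toy keys

def toy_keypair(a, b):
    # Textbook RSA from Mersenne primes 2^a-1 and 2^b-1: constructed and
    # trivially factorable, used only so the example runs on the stdlib.
    p, q = 2**a - 1, 2**b - 1
    return p * q, pow(E, -1, (p - 1) * (q - 1))  # (modulus n, private d)

def sha(data):
    return hashlib.sha256(data).digest()

def encrypt_hash(digest, n, d):
    # "Encrypted hash using a private key" in the claim's wording (unpadded).
    return pow(int.from_bytes(digest, "big"), d, n)

def make_entry(reference_code, vendor_key, admin_key):
    # Security-database entry built from the reference ("another") copy.
    first = sha(reference_code)
    second = sha(first + reference_code)  # combination = concatenation (assumed)
    return encrypt_hash(first, *vendor_key), encrypt_hash(second, *admin_key)

def verify(local_code, entry, vendor_n, admin_n):
    # Workstation side: steps (a)-(h) of claim 31, public keys only.
    enc_first, enc_second = entry                        # (b), (f) retrieve
    first = sha(local_code)                              # (a)
    if pow(enc_first, E, vendor_n) != int.from_bytes(first, "big"):    # (c)-(d)
        return "modified"
    second = sha(first + local_code)                     # (e)
    if pow(enc_second, E, admin_n) != int.from_bytes(second, "big"):   # (g)-(h)
        return "not authorized"
    return "ok"

VENDOR = toy_keypair(521, 607)    # manufacturer's key (constructed)
ADMIN = toy_keypair(1279, 2203)   # network administrator's key (constructed)
ROGUE = toy_keypair(607, 1279)    # any key that is not the administrator's

CODE = b"\x7fELF constructed object code"   # constructed sample input
ENTRY = make_entry(CODE, VENDOR, ADMIN)
```

A modified local copy fails at the first comparison; an unmodified copy whose second value was not produced with the administrator's private key fails at the second.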
Specification