Access-control method for software module and programmable electronic device therefor
First Claim
1. A method of controlling access to a programmable electronic device configured to selectively make any of a plurality of licensed software modules installed on said device available to a user, said method comprising:
- a) classifying said plurality of licensed and installed software modules into software-access-restriction classes;
b) activating one of a plurality of access-control models associated with said device;
c) storing at least some of said software modules in an encrypted form in said device;
d) receiving a request to access one of said plurality of software modules;
e) evaluating said software-access-restriction class for said one of said plurality of software modules and said one of said plurality of access-control models to determine whether to grant access to said one of said plurality of software modules; and
f) making said one of said plurality of licensed software modules installed on said device available to a user of said device when said evaluating activity determines to grant access to said one of said plurality of software modules and denying access to said one of said plurality of licensed software modules installed on said device when said evaluating activity determines not to grant access to said one of said plurality of software modules;
wherein said making activity f) comprises;
obtaining a cipher-key from a token by combining a token-key portion of said token with a split-key to generate said cipher-key; and
decrypting said one of said plurality of software modules in response to said cipher-key to form a plain-text module, wherein said one of said plurality of software modules has a genuine split-key associated therewith, and said device also has an unlicensed program having an artificial split-key associated therewith.
6 Assignments
0 Petitions
Accused Products
Abstract
A programmable electronic device (10) stores a number of cipher-text software modules (14) to which access is granted after evaluating a user'"'"'s token (55, 80, 82), a software-restriction class (58) for a requested software module (14), and/or a currently active access-control model (60). Access-control models (60) span a range from uncontrolled to highly restrictive. Models (60) become automatically activated and deactivated as users are added to and deleted from the device (10). A virtual internal user proxy that does not require users to provide tokens (80, 82) is used to enable access to modules (16) classified in a global software-restriction class (62) or when an uncontrolled-access-control model (68) is active. Both licensed modules (76) and unlicensed modules (18,78) may be loaded in the device (10). However, no keys are provided to enable decryption of unlicensed modules (18,78).
-
Citations
20 Claims
-
1. A method of controlling access to a programmable electronic device configured to selectively make any of a plurality of licensed software modules installed on said device available to a user, said method comprising:
-
a) classifying said plurality of licensed and installed software modules into software-access-restriction classes; b) activating one of a plurality of access-control models associated with said device; c) storing at least some of said software modules in an encrypted form in said device; d) receiving a request to access one of said plurality of software modules; e) evaluating said software-access-restriction class for said one of said plurality of software modules and said one of said plurality of access-control models to determine whether to grant access to said one of said plurality of software modules; and f) making said one of said plurality of licensed software modules installed on said device available to a user of said device when said evaluating activity determines to grant access to said one of said plurality of software modules and denying access to said one of said plurality of licensed software modules installed on said device when said evaluating activity determines not to grant access to said one of said plurality of software modules; wherein said making activity f) comprises; obtaining a cipher-key from a token by combining a token-key portion of said token with a split-key to generate said cipher-key; and decrypting said one of said plurality of software modules in response to said cipher-key to form a plain-text module, wherein said one of said plurality of software modules has a genuine split-key associated therewith, and said device also has an unlicensed program having an artificial split-key associated therewith. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A programmable electronic device having an access-control system configured to selectively make any of a plurality of licensed software modules installed on said device available to a user, said device comprising:
-
a memory having a plurality of licensed software modules which have been classified into software-access-restriction classes installed therein, said memory being configured so that at least some of said software modules are in an encrypted form; an access-control-model-activator configured to activate one of a plurality of access-control models associated with said device; an input device configured to receive a request to access one of said plurality of licensed software modules; an access-control-processor configured to evaluate said software-access-restriction class for said one of said plurality of licensed software modules and to evaluate said one of said plurality of access-control models to determine whether to grant access to said one of said plurality of licensed software modules; and a module-activator configured to make said one of said plurality of licensed software modules installed on said device available to a user of said device when said access-control processor determines to grant access to said one of said plurality of licensed software modules and to deny access to said one of said plurality of licensed software modules installed on said device when said access-control processor determines not to grant access to said one of said plurality of licensed software modules; wherein said module-activator is configured to obtain a cipher-key in response to a token by combining a token-key portion of said token with a split-key to generate said cipher-key and decrypt said one of said plurality of software modules in response to said cipher-key to form a plain-text module, said one of said plurality of software modules having a genuine split-key associated therewith, and said device also having an unlicensed program having an artificial split-key associated therewith. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification