Methods for securely distributing computer software products
Abstract
A product distribution and payment system for limited use or otherwise restricted digital software products. Digital content data comprising a software product to be rented is made available to customers through a detachable local storage medium, such as a DVD or CD-ROM disc, or over a network connection. The product digital content is capable of being accessed and played back through a computer or game console at the customer site. The software product may comprise a limited use product that is restricted in the number of plays or duration of use. The customer is allowed to download and purchase the product using his computer or playback console. The product purchase information is encoded and transmitted to the content distributor. When the preset time or number of plays has elapsed the software program is frozen and access to the program is not allowed. In one embodiment of the present invention, a two-way, public key/private key encryption system is implemented to transmit the product and usage information between the server providing the software product and the customer computer system.
18 Claims
1. A computer-implemented method for distributing a software module by a distribution server having access to a plurality of software modules, comprising:
- encrypting said software module with an encryption key;
- distributing said encrypted software module, over a network, from said distribution server to storage of a computing device of a user;
- receiving information identifying the user;
- creating, based on the information identifying the user, a user public key and a user private key;
- sending the user public key to the computing device;
- receiving a client public key from the computing device, wherein the computing devices creates the client public key and a client private key based on information identifying the computing device;
- applying a first tier of encryption to a decryption key by encrypting the decryption key with the client public key, thereby creating an encrypted decryption key, and then applying a second tier of encryption to the decryption key by encrypting the encrypted decryption key with the user private key, thereby creating a two-tiered encrypted version of the decryption key; and
- transmitting the two-tiered encrypted version of the decryption key to the computing device of the user, wherein the decryption key, once removed of the two-tiered encryption at the computing device is used to decrypt the encrypted software module present at the storage of the computing device.

Dependent claims: 2, 3, 4, 5, 6, 7, 16, 17, 18

8. A computer-implemented method for distributing a software module from a distribution server having access to a plurality of software products, the software module having one or more features, comprising:
- encrypting said software module with an encryption key;
- distributing said encrypted software module, over a network, from said distribution server to storage of a computing device of a user;
- receiving information identifying the user;
- creating, based on the information identifying the user, a user public key and a user private key;
- sending the user public key to the computing device;
- receiving a client public key from the computing device, wherein the computing devices creates the client public key and a client private key based on information identifying the computing device;
- applying a first tier of encryption to a decryption key by encrypting the decryption key with the client public key, thereby creating an encrypted decryption key, and then applying a second tier of encryption to the decryption key by encrypting the encrypted decryption key with the user private key, thereby creating a two-tiered encrypted version of the decryption key; and
- transmitting the two-tiered encrypted version of the decryption key to the computing device of the user, wherein the decryption key, once removed of the two-tiered encryption at the computing device is used to decrypt the encrypted software module present at the storage of the computing device.

Dependent claims: 9, 10, 11, 12, 13

14. A computer-implemented method for distributing a software product from a distribution server having access to a plurality of software products, the software product having one or more features, comprising:
- receiving information identifying a user;
- creating, based on the information identifying the user, a user public key and a user private key;
- sending the user public key to the computing device;
- receiving a client public key from the computing device, wherein the computing devices creates the client public key and a client private key based on information identifying the computing device;
- for a particular software product, applying a first tier of encryption to a decryption key for the particular software product by encrypting the decryption key with the client public key, thereby creating an encrypted decryption key, and then applying a second tier of encryption to the decryption key by encrypting the encrypted decryption key with the user private key, thereby creating a two-tiered encrypted version of the decryption; and
- transmitting the two-tiered encrypted version of the decryption key to the computing device of the user, wherein the decryption key, once removed of the two-tiered encryption at the computing device is used to decrypt at least one of the features of the software product present at a storage of the computing device.

Dependent claims: 15
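
The two-tier key wrap recited in claims 1, 8 and 14, as an added example that is not part of the patent text: it shows that the outer tier (user private key) can be stripped by anyone holding the user public key, so secrecy of the decryption key rests on the inner tier (client public key) alone. Assumptions: toy textbook RSA without padding, constructed Mersenne-prime key pairs and a constructed 128-bit key; all function names are hypothetical, and deriving keys from identifying information is not modelled.

```python
# Added illustration: toy textbook RSA (no padding, small constructed primes).
# It shows the structure of the claimed two-tier wrap, not a secure scheme.
E = 65537

def make_keypair(p, q):
    """Return (public, private) as ((n, e), (n, d)) for distinct primes p, q."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def rsa_op(value, key):
    """Raw RSA operation with either half of a key pair."""
    n, exp = key
    if not 0 <= value < n:
        # Edge case: an inner ciphertext must fit under the outer modulus.
        raise ValueError("value does not fit under the modulus")
    return pow(value, exp, n)

def server_wrap(decryption_key, client_pub, user_priv):
    tier1 = rsa_op(decryption_key, client_pub)  # first tier: client public key
    return rsa_op(tier1, user_priv)             # second tier: user private key

def client_unwrap(blob, user_pub, client_priv):
    tier1 = rsa_op(blob, user_pub)              # outer tier: needs only a public key
    return rsa_op(tier1, client_priv)           # inner tier: needs the client secret

# Constructed key material, chosen so the user modulus exceeds the client modulus.
CLIENT_PUB, CLIENT_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
USER_PUB, USER_PRIV = make_keypair(2**107 - 1, 2**127 - 1)
DECRYPTION_KEY = 0x00112233445566778899AABBCCDDEEFF  # constructed sample key

def demo():
    """Return (key recovered by the client, whether an observer sees only tier 1)."""
    blob = server_wrap(DECRYPTION_KEY, CLIENT_PUB, USER_PRIV)
    recovered = client_unwrap(blob, USER_PUB, CLIENT_PRIV)
    # An observer with the user public key removes the outer tier...
    observer_view = rsa_op(blob, USER_PUB)
    # ...and is left with the tier-1 ciphertext, not the decryption key.
    return recovered, observer_view == rsa_op(DECRYPTION_KEY, CLIENT_PUB)

if __name__ == "__main__":
    print(demo())
```

With raw RSA the order of the moduli matters: wrapping under a user modulus smaller than the client modulus fails the range check in `rsa_op`, which is why the constructed user key is the larger one.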
Specification