System, method and security device for authorizing use of a software tool
First Claim
1. A system for authorizing use of a software tool, the system comprising:
- a security device comprising;
a processor,at least one communication subsystem responsive to the processor, anda first memory accessible to the processor, the first memory storing a private key for authorizing use of the software tool and storing program instructions which, when executed by the processor, cause the processor to execute a security application;
a computing device comprising;
a second memory storing the software tool, the computing device being capable of communication with the security device via the at least one communication subsystem; and
a target device in communication with the computing device, wherein the target device is configured to generate a session value that is transmittable to the computing device;
wherein the computing device is configured to;
transmit, to the target device, an authorization request to use the software tool in relation to the target device,receive, from the target device, an encrypted request comprising the session value that is generated at the target device, andin response to the receiving of the encrypted request, transmit, to the security device, the received encrypted request to use the software tool, andwherein the security device is configured to;
execute the security application to generate a signed response in response to the encrypted request, andsend the signed response to the computing device, the signed response being;
signed using the private key andcomprising the session value in a decrypted form and authorization information to enable the computing device to prove authorization to the target device for use of the software tool in relation to the target device.
4 Assignments
0 Petitions
Accused Products
Abstract
The described embodiments relate generally to methods, systems and security devices for authorizing use of a software tool. Certain embodiments of the invention relate to a security device. The security device comprises at least one communication subsystem for enabling communication between the security device and a first external device, wherein the first external device has a software tool executable on the first external device. The security device further comprises a memory and processor coupled to the at least one communication subsystem and configured to control the at least one communication subsystem. The memory is accessible to the processor and stores a key for authorizing use of the software tool. The memory further stores program instructions which, when executed by the processor, cause the processor to execute a security application.
13 Citations
13 Claims
-
1. A system for authorizing use of a software tool, the system comprising:
-
a security device comprising; a processor, at least one communication subsystem responsive to the processor, and a first memory accessible to the processor, the first memory storing a private key for authorizing use of the software tool and storing program instructions which, when executed by the processor, cause the processor to execute a security application; a computing device comprising; a second memory storing the software tool, the computing device being capable of communication with the security device via the at least one communication subsystem; and a target device in communication with the computing device, wherein the target device is configured to generate a session value that is transmittable to the computing device; wherein the computing device is configured to; transmit, to the target device, an authorization request to use the software tool in relation to the target device, receive, from the target device, an encrypted request comprising the session value that is generated at the target device, and in response to the receiving of the encrypted request, transmit, to the security device, the received encrypted request to use the software tool, and wherein the security device is configured to; execute the security application to generate a signed response in response to the encrypted request, and send the signed response to the computing device, the signed response being; signed using the private key and comprising the session value in a decrypted form and authorization information to enable the computing device to prove authorization to the target device for use of the software tool in relation to the target device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. In a system comprising a computer system, a security device and a target device, wherein the security device and the target device are each in communication with the computer system, a method of authorizing use of a software tool stored in the computer system, the method comprising:
-
transmitting from the computer system to the target device an authorization request to use the software tool; generating at the target device a session value in response to the authorization request; encrypting the session value with a public key associated with the software tool; transmitting, from the target device to the computer system, an encrypted request comprising the encrypted session value generated at the target device; receiving, at the computer system, the encrypted request; in response to the receiving of the encrypted request at the computer system, transmitting the received encrypted request to the security device from the computer system; generating at the security device a signed response in response to the encrypted request, the signed response being signed using a private key stored in the security device, the private key being associated with the software tool, wherein the signed response comprises the session value in decrypted form and authorization information to enable the computer system to prove authorization to the target device for use of the software tool by the computer system in relation to the target device; and transmitting the signed response from the security device to the computer system. - View Dependent Claims (10, 11, 12, 13)
-
Specification