System and method for software protection and secure software distribution

US 8,533,859 B2
Filed: 04/13/2009
Issued: 09/10/2013
Est. Priority Date: 04/13/2009
Status: Active Grant

First Claim

Patent Images

1. A secure software distribution and execution method comprising:

receiving a software application from a service provider for storing in a server for downloading to a client;

coding the received software application in the server;

identifying sections of code for encryption by the server;

inserting Application Programming Interface (API) calls in the received software application at identified sections of the code for encryption before being downloaded to the client by the server, the API calls a driver in the client once the software application is downloaded to the client;

building an application and placing one or more binaries in the server;

reading an identity data of the client by the server;

generating an algorithm for encryption, a decryption algorithm and a decryption key based on received identity data of the client in the server;

encrypting the identified sections of the received software application using the generated encryption algorithm in the server; and

downloading the encrypted sections of the received software application along with the generated decryption key and the decryption algorithm to a driver of the client.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The various embodiments of the present invention provide a secure software distribution and execution method. According to the method, a server receives software from service provider for downloading to a client and identifies the sections for encoding. APIs are inserted in the identified sections. A unique ID is created based on the identity of the each client to generate an encryption algorithm, decryption key and decryption algorithm. The identified sections are encrypted with the generated encryption algorithm. The encrypted application along with encryption algorithm, decryption key and decryption algorithm are downloaded to the driver of the client machine. The API makes call to the driver by sending the encrypted segment when the encrypted portion is reached during the execution of software in the client machine so that the driver decrypts the encoded portion using the received key and the decryption algorithm to enable the continuous execution of the downloaded software.

Citations

13 Claims

1. A secure software distribution and execution method comprising:
- receiving a software application from a service provider for storing in a server for downloading to a client;
  
  coding the received software application in the server;
  
  identifying sections of code for encryption by the server;
  
  inserting Application Programming Interface (API) calls in the received software application at identified sections of the code for encryption before being downloaded to the client by the server, the API calls a driver in the client once the software application is downloaded to the client;
  
  building an application and placing one or more binaries in the server;
  
  reading an identity data of the client by the server;
  
  generating an algorithm for encryption, a decryption algorithm and a decryption key based on received identity data of the client in the server;
  
  encrypting the identified sections of the received software application using the generated encryption algorithm in the server; and
  
  downloading the encrypted sections of the received software application along with the generated decryption key and the decryption algorithm to a driver of the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1, wherein the API sends the encrypted section to the driver of the client so that the driver of the client decrypts the encrypted section using the decryption key and the decryption algorithm to enable the continuous execution of the downloaded software.
  - 3. The method according to claim 1, wherein the encryption algorithm, decryption key and decryption algorithm are unique and are different for different clients.
  - 4. The method according to claim 1, wherein the identity data includes the serial number of the client machine, serial number of the hard disc used in the client machine, biometric data and other identity related information provided by the client.
  - 5. The method according to claim 4, wherein the server assigns weighting factors to each of the identity data read from the client so that the client is authenticated to decode the encrypted section, even when the identification component is changed in the client.
  - 6. The method according to claim 5, wherein the server authenticates the client for decoding the encrypted portion of the software application by comparing a sum of the weighting factors assigned to the identity data with a threshold level.
  - 7. The method according to claim 6, wherein the server authenticates the client for decoding the encrypted section of the received software application, when the sum of the weighting factors assigned to the identity data is less than the threshold level.
  - 8. The method according to claim 1 further comprising uniquely designing a key generation algorithm for each client.
  - 9. The method according to claim 8, wherein the key generation algorithm and the decryption algorithm are run in privileged mode in cache memory.
  - 10. The method according to claim 1 further comprising decrypting the encrypted sections using the generated decryption key and the decryption algorithm and destroying the decrypted sections after each use.
  - 11. The method according to claim 1, wherein the decryption algorithm used for decrypting the different encrypted sections in the same application in the same client is different.
  - 12. The method according to claim 1, wherein a unique decryption algorithm is designed for each client, when the client initiates a software download of an application or registers a software that is available on a media.

13. A secure software distribution and execution system, comprising:
- a server into which a received software application from a service provider is stored;
  
  a client machine connectible to the server;
  
  the server having an application generator interface that codes the received software application, identifies sections of code for encryption, inserts Application Programming Interface (API) calls in the received software application at appropriate places before being downloaded to the client by the server, builds an application and placing one or more binaries in the server;
  
  the server having an ID reader that reads an identity data of the client;
  
  the server having an algorithm generator that generates an algorithm for encryption, decryption key and decryption based on received identity data of the client in the server;
  
  the server having an encryptor that encrypts the identified sections of the received software application using the generated encryption algorithm in the server; and
  
  the server having an application downloader that downloads the encrypted sections of the received software application along with the generated decryption key and the decryption algorithm to a driver of the client.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aventyn, Inc
Original Assignee
Aventyn, Inc
Inventors
Keshavachar, Bhaktha Ram, Govind, Navin
Primary Examiner(s)
To, Tuan C.
Assistant Examiner(s)
CHEUNG, CALVIN K

Application Number

US12/422,569
Publication Number

US 20100262824A1
Time in Patent Office

1,611 Days
Field of Search

726/32, 726/33, 705/51, 705/57
US Class Current

726/29
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 2221/2143   Clearing memory, e.g. to pr...

H04L 2209/603   Digital right managament [DRM]

H04L 2463/101   applying security measures ...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

H04L 63/126   the source of the received ...

H04L 67/34   involving the movement of s...

H04L 9/0819   Key transport or distributi...

H04L 9/3226   using a predetermined code,...

System and method for software protection and secure software distribution

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for software protection and secure software distribution

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links