Software licensing using certificate issued by authorized authority
원문보기
IPC분류정보
국가/구분
United States(US) Patent
등록
국제특허분류(IPC7판)
G06F-021/00
H04L-029/06
출원번호
UP-0319151
(2005-12-27)
등록번호
US-7788181
(2010-09-20)
발명자
/ 주소
Ben-Menahem, Avi
Ben-Zvi, Nir
Miller, Ronald W.
출원인 / 주소
Microsoft Corporation
대리인 / 주소
Woodcock Washburn LLP
인용정보
피인용 횟수 :
7인용 특허 :
16
초록▼
Software is governed by a digital license that specifies a certificate that must be present in order for the software (or certain features thereof) to be used. A root authority authorizes a license server to issue certificates that are called for in the digital license for an item of software. The s
Software is governed by a digital license that specifies a certificate that must be present in order for the software (or certain features thereof) to be used. A root authority authorizes a license server to issue certificates that are called for in the digital license for an item of software. The software and the digital license are installed on a machine, and the machine enrolls with the license server to obtain the certificate. When the software is run, an enforcement component evaluates the license to determine what certificate is required, and then evaluates the certificate to determine whether it meets the requirements of a license. If the certificate is invalid, the enforcement component may disable the software, or may disable certain features of the software.
대표청구항▼
What is claimed: 1. A method of distributing software to an entity and controlling the software usage based on authorized issuance of certificate comprising: authorizing the entity to issue a certificate to each of one or more machines belonging to the entity; providing the software to the entity,
What is claimed: 1. A method of distributing software to an entity and controlling the software usage based on authorized issuance of certificate comprising: authorizing the entity to issue a certificate to each of one or more machines belonging to the entity; providing the software to the entity, said entity having a right to install an instance of the software on each of the one or more machines and the right to issue a certificate to each of the one or more machines; installing said instance of the software on each of the one or more machines to provide for an installed instance of the software; issuing, by a license server of the entity, to the at least one or more machines the certificate; receiving and installing the issued certificate at the at least one or more machines; transmitting, by the license server, to each of the one or more machines a license, wherein the license includes certificate requirements; receiving, by each of the one or more machines, the transmitted license; determining, by an enforcement component at each of the one or more machines, based on the certificate requirements included in the license whether said certificate is installed on said one or more machines; determining, by the enforcement component, whether the certificate complies with the requirements by tracing a chain of authority back to the license server; and based on the determinations performed by the enforcement component, executing said installed instance of the software on said one or more machines in a first mode of usage or in a second mode of usage, wherein the first and second mode of usage are either limited-features usage or full-features usage, wherein said second mode of usage is one of a plurality of modes different from said first mode of usage. 2. The method of claim 1, wherein said authorizing comprises including in said license, by a manufacturer or a licensor of the software, an identity of said license server, or of a server to which said license server traces authority, said license including a signature of said manufacturer or said licensor, wherein the software comprises or is associated with the enforcement component that determines whether said signature is an authentic signature of said manufacturer or licensor, and wherein a condition of permitting said first mode of usage of the software on said one or more machines is that said certificate be determined by the enforcement component to have been signed by the server whose identity is included in said license, or by a server that traces authority to the server whose identity is included in said license. 3. The method of claim 1, wherein said certificate identifies said one of said machines, and wherein said license conditionally permits said first mode of usage of said installed instance of the software is further based on whether a comparison between (a) the one or more machines on which said installed instance of the software is running, and (b) said certificate, satisfies a condition, said condition being either: that the one or more machines identified in said certificate is the same as the one or more machines on which said installed instance of the software is running; or that the difference between the one or more machines identified in said certificate and the one or more machines on which said installed instance of the software is running is within a defined limit of tolerance. 4. The method of claim 1, further comprising: providing to said entity one or more media on which the software and said license are stored. 5. The method of claim 4, further comprising storing said certificate on a removable medium. 6. The method of claim 1, wherein usage of said installed instance of the software in said second mode prevents usage of at least one feature of the software that would be usable when said installed instance of the software is used in said first mode. 7. A computer storage medium having stored thereon computer executable instructions for distributing software to an entity and controlling the software usage based on authorized issuance of certificate, the computer executable instructions when executed by one or more processors cause the one or more processors to perform the steps comprising: authorizing the entity to issue a certificate to each of one or more machines belonging to the entity; providing the software to the entity, said entity having a right to install an instance of the software on each of the one or more machines and the right to issue a certificate to each of the one or more machines; installing said instance of the software on each of the one or more machines to provide for an installed instance of the software; issuing, by a license server of the entity, to the at least one or more machines the certificate; receiving and installing the issued certificate at the at least one or more machines; transmitting, by the license server, to each of the one or more machines a license, wherein the license includes certificate requirements; receiving, by each of the one or more machines, the transmitted license; determining, by an enforcement component at each of the one or more machines, based on the certificate requirements included in the license whether said certificate is installed on said one or more machines; determining, by the enforcement component, whether the certificate complies with the requirements by tracing a chain of authority back to the license server; and based on the determinations performed by the enforcement component, executing said installed instance of the software on said one or more machines in a first mode of usage or in a second mode of usage, wherein the first and second mode of usage are either limited-features usage or full-features usage, wherein said second mode of usage is one of a plurality of modes different from said first mode of usage. 8. The computer storage medium of claim 7, wherein said authorizing comprises including in said license, by a manufacturer or a licensor of the software, an identity of said license server, or of a server to which said license server traces authority, said license including a signature of said manufacturer or said licensor, wherein the software comprises or is associated with the enforcement component that determines whether said signature is an authentic signature of said manufacturer or licensor, and wherein a condition of permitting said first mode of usage of the software on said one or more machines is that said certificate be determined by the enforcement component to have been signed by the server whose identity is included in said license, or by a server that traces authority to the server whose identity is included in said license. 9. The computer storage medium of claim 7, wherein said certificate identifies said one of said machines, and wherein said license conditionally permits said first mode of usage of said installed instance of the software is further based on whether a comparison between (a) the one or more machines on which said installed instance of the software is running, and (b) said certificate, satisfies a condition, said condition being either: that the one or more machines identified in said certificate is the same as the one or more machines on which said installed instance of the software is running; or that the difference between the one or more machines identified in said certificate and the one or more machines on which said installed instance of the software is running is within a defined limit of tolerance. 10. The computer storage medium of claim 7, wherein the method further comprises: providing to said entity one or more media on which the software and said license are stored. 11. The computer storage medium of claim 10, wherein the method further comprises: storing said certificate on a removable medium. 12. The computer storage medium of claim 7, wherein usage of said installed instance of the software in said second mode prevents usage of at least one feature of the software that would be usable when said installed instance of the software is used in said first mode. 13. A system for distributing software to an entity and controlling the software usage based on authorized issuance of certificate comprising: means for authorizing the entity to issue a certificate to each of one or more machines belonging to the entity; means for providing the software to the entity, said entity having a right to install an instance of the software on each of the one or more machines and the right to issue a certificate to each of the one or more machines; means for installing said instance of the software on each of the one or more machines to provide for an installed instance of the software; means for issuing to the at least one or more machines the certificate; means for receiving and installing the issued certificate at the at least one or more machines; means for transmitting a license to each of the one or more machines, wherein the license includes certificate requirements; means for receiving the transmitted license; means for determining, based on the certificate requirements included in the license, whether said certificate is installed on said one or more machines; means for determining whether the certificate complies with the requirements by tracing a chain of authority back to the license server; and means for executing said installed instance of the software on said one or more machines in a first mode of usage or in a second mode of usage based on the determinations, wherein the first and second mode of usage are either limited-features usage or full-features usage, wherein said second mode of usage is one of a plurality of modes different from said first mode of usage. 14. The system of claim 13, wherein said authorizing comprises including in said license, by a manufacturer or a licensor of the software, an identity of said license server, or of a server to which said license server traces authority, said license including a signature of said manufacturer or said licensor, wherein the software comprises or is associated with the enforcement component that determines whether said signature is an authentic signature of said manufacturer or licensor, and wherein a condition of permitting said first mode of usage of the software on said one or more machines is that said certificate be determined by the enforcement component to have been signed by the server whose identity is included in said license, or by a server that traces authority to the server whose identity is included in said license. 15. The system of claim 13, wherein said certificate identifies said one of said machines, and wherein said license conditionally permits said first mode of usage of said installed instance of the software is further based on whether a comparison between (a) the one or more machines on which said installed instance of the software is running, and (b) said certificate, satisfies a condition, said condition being either: that the one or more machines identified in said certificate is the same as the one or more machines on which said installed instance of the software is running; or that the difference between the one or more machines identified in said certificate and the one or more machines on which said installed instance of the software is running is within a defined limit of tolerance. 16. The system of claim 13, wherein the system further comprises: means for providing to said entity one or more media on which the software and said license are stored. 17. The system of claim 16, wherein the system further comprises: means for storing said certificate on a removable medium. 18. The system of claim 13, wherein usage of said installed instance of the software in said second mode prevents usage of at least one feature of the software that would be usable when said installed instance of the software is used in said first mode.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (16)
Benson Glenn,DEX, Computer system for protecting software and a method for protecting software.
Peinado, Marcus; Liu, Donna; Ganesan, Krishnamurthy, Digital rights management system operating on computing device and having black box tied to computing device.
Downs Edgar ; Gruse George Gregory ; Hurtado Marco M. ; Lehman Christopher T. ; Milsted Kenneth Louis ; Lotspiech Jeffrey B., Electronic content delivery system.
Salas Pito ; Beir Jeffrey ; Leffler Melissa ; Glenn McDonald ; Kleppner Paul ; Morrissey Craig ; Tonra ; Jr. James E., Method and apparatus for controlling access to a product.
Doherty, Robert J.; Tierney, Peter L.; Arnaoutoglou-Andreou, Marios, System and embedded license control mechanism for the creation and distribution of digital content files and enforcement of licensed use of the digital content files.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Ginter, Karl L.; Shear, Victor H.; Spahn, Francis J.; Van Wie, David M.; Weber, Robert P., Trusted infrastructure support system, methods and techniques for secure electronic commerce transaction and rights management.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.