Remote authorization for unlocking electronic data system and method

US 7,346,583 B2
Filed: 03/31/2003
Issued: 03/18/2008
Est. Priority Date: 12/22/1997
Status: Expired due to Fees

- Alert
- Pin

Associated Cases

Associated Defendants

First Claim

Patent Images

1. A method for controlling unauthorized use of software distributed by a vendor comprising the steps of:

generating, with a digital signature algorithm, a verification key;

combining software and the verification key to create distributable software;

inputting identifying information, with the identifying information including user-identifying information, licensing information, batch number, user token, date, or time, or with the identifying information including a hash of user-identifying information, licensing information, batch number, user token, date, or time, to a user-key generator;

converting, with the user-key generator, the identifying information to a numeric representation;

generating, using the numeric representation, a user key, with the digital signature algorithm;

conveying the user key to the user computer system; and

verifying, with the verification key, a relationship between the user key and the identifying information to determine an access level to the software.

View all claims

1 Assignment

Timeline View

Assignment View

Litigations

0 Petitions

Accused Products

Abstract

Controlling unauthorized access to software distributed to a user by a vendor. A verification key is generated by a product key generator and either embedded in the software prior to distribution or packaged with the software as a self-installing package. The verification key includes a public verification key. The combination of the software and the verification key create distributable software which is distributed to a user. The user installs the software on a user computer system as protected software. To obtain a user key, the user inputs identifying information, which may be for the user or for a group, which is sent to a user key generator. The user key generator converts the identifying information to a numeric representation and then generates, by signing the numeric representation with the private signing key, a user key, which is returned to the user. Using the verification key, a user key verifier verifies a relationship between the user key and the identifying information to determine an access level to the protected software. The system verifies the relationship between the user key and the identifying information every time the software is run to ensure continued protection of the software after installation.

22 Citations

View as Search Results

37 Claims

1. A method for controlling unauthorized use of software distributed by a vendor comprising the steps of:
- generating, with a digital signature algorithm, a verification key;
  
  combining software and the verification key to create distributable software;
  
  inputting identifying information, with the identifying information including user-identifying information, licensing information, batch number, user token, date, or time, or with the identifying information including a hash of user-identifying information, licensing information, batch number, user token, date, or time, to a user-key generator;
  
  converting, with the user-key generator, the identifying information to a numeric representation;
  
  generating, using the numeric representation, a user key, with the digital signature algorithm;
  
  conveying the user key to the user computer system; and
  
  verifying, with the verification key, a relationship between the user key and the identifying information to determine an access level to the software.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 37)
- - 2. The method as set forth in claim 1, with the step of combining further including the steps of:
    - embedding the verification key into the software; and
      
      embedding a user key verifier into the software, the user key verifier verifying, with the verification key, the relationship between the user key and the identifying information.
  - 3. The method as set forth in claim 1, with the step of combining further including the step of creating a self-installing distributable package containing the verification key, the software, and a user key verifier.
  - 4. The method as set forth in claim 3, further including the step of running the self-installing distributable package to embed the verification key and the user key verifier into the software.
  - 5. The method as set forth in claim 1, further comprising the step of storing the user key and the user-identifying information, licensing information, batch number, user token, date, or time.
  - 6. The method as set forth in claim 1, with the step of generating a verification key comprising the steps of:
    - generating, with the digital signature algorithm, a private signing key; and
      
      generating, with the digital signature algorithm, a public verification key.
  - 7. The method as set forth in claim 6 with the step of generating a user key comprising the step of signing, using the digital signature algorithm, the numeric representation with the private signing key.
  - 8. The method as set forth in claim 1, with the step of conveying the user key including the step of conveying the user key via document, electronic mail (email), or a network transaction.
  - 9. The method as set forth in claim 1, with the step of verifying including the step of verifying at any of specific date and time, or with a desired frequency.
  - 37. The method as set forth in claim 1, 10, 19, or 28 with the step of verifying including the step of verifying, by at least a portion of contents of a user-key verifier external to or embedded in the software, using an authentication key.

10. A method for controlling unauthorized use of software distributed by a vendor comprising the steps of:
- generating, with a digital signature algorithm, a verification key;
  
  combining software and the verification key to create distributable software;
  
  inputting identifying information, with the identifying information including user-identifying information, licensing information, batch number, user token, date, or time, to a user-key generator;
  
  converting, with the user-key generator, the identifying information to a numeric representation;
  
  generating, using the numeric representation, a user key, with the digital signature algorithm;
  
  hashing the identifying information to generate hashed-identifying information;
  
  conveying the user key to the user computer system; and
  
  verifying, with the verification key, a relationship between the user key and the hashed-identifying information to determine an access level to the software.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method as set forth in claim 10, with the step of combining further including the steps of:
    - embedding the verification key into the software; and
      
      embedding a user key verifier into the software, the user key verifier verifying, with the verification key, the relationship between the user key and the hashed-identifying information.
  - 12. The method as set forth in claim 10, with the step of combining further including the step of creating a self-installing distributable package containing the verification key, the software, and a user key verifier.
  - 13. The method as set forth in claim 12, further including the step of running the self-installing distributable package to embed the verification key and the user key verifier into the software.
  - 14. The method as set forth in claim 10, further comprising the step of storing the user key and the user-identifying information, licensing information, batch number, user token, date, or time.
  - 15. The method as set forth in claim 10, with the step of generating a verification key comprising the steps of:
    - generating, with the digital signature algorithm, a private signing key; and
      
      generating, with the digital signature algorithm, a public verification key.
  - 16. The method as set forth in claim 15 with the step of generating a user key comprising the step of signing, using the digital signature algorithm, the numeric representation with the private signing key.
  - 17. The method as set forth in claim 10, with the step of conveying the user key including the step of conveying the user key via document, electronic mail (e-mail), or a network transaction.

18. The method as set forth in claim or 10, with the step of verifying including the step of verifying at any of specific date and time, or with a desired frequency.

19. A method for controlling unauthorized use of software distributed by a vendor comprising the steps of:
- generating, with a digital signature algorithm, a verification key;
  
  combining software and the verification key to create combined software;
  
  inputting identifying information, with the identifying information including user-identifying information, licensing information, batch number, user token, date, or time, or with the identifying information including a hash of user-identifying information, licensing information, batch number, user token, date, or time, to a user-key generator;
  
  converting, with the user-key generator, the identifying information to a numeric representation;
  
  generating, using the numeric representation, a user key, with the digital signature algorithm;
  
  conveying the user key to the user computer system; and
  
  verifying, with the verification key, a relationship between the user key and the identifying information to determine an access level to the software.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The method as set forth in claim 19, with the step of combining further including the steps of:
    - embedding the verification key into the software; and
      
      embedding a user key verifier into the software, the user key verifier verifying, with the verification key, the relationship between the user key and the identifying information.
  - 21. The method as set forth in claim 19, with the step of combining further including the step of creating a self-installing distributable package containing the verification key, the software, and a user key verifier.
  - 22. The method as set forth in claim 21, further including the step of running the self-installing distributable package to embed the verification key and the user key verifier into the software.
  - 23. The method as set forth in claim 19, further comprising the step of storing the user key and the user-identifying information, licensing information, batch number, user token, date, or time.
  - 24. The method as set forth in claim 19, with the step of generating a verification key comprising the steps of:
    - generating, with the digital signature algorithm, a private signing key; and
      
      generating, with the digital signature algorithm, a public verification key.
  - 25. The method as set forth in claim 24 with the step of generating a user key comprising the step of signing, using the digital signature algorithm, the numeric representation with the private signing key.
  - 26. The method as set forth in claim 19, with the step of conveying the user key including the step of conveying the user key via document, electronic mail (e-mail), or a network transaction.
  - 27. The method as set forth in claim 19, with the step of verifying including the step of verifying at any of specific date and time, or with a desired frequency.

28. A method for controlling unauthorized use of software distributed by a vendor comprising the steps of:
- generating, with a digital signature algorithm, a verification key;
  
  combining software and the verification key to create combined software;
  
  inputting identifying information, with the identifying information including user-identifying information, licensing information, batch number, user token, date, or time, to a user key generator;
  
  converting, with the user-key generator, the identifying information to a numeric representation;
  
  generating, using the numeric representation, a user key, with the digital signature algorithm;
  
  hashing the identifying information to generate hashed-identifying information;
  
  conveying the user key to the user computer system; and
  
  verifying, with the verification key, a relationship between the user key and the hashed-identifying information to determine an access level to the software.
- View Dependent Claims (29, 30, 31, 32, 33, 34, 35, 36)
- - 29. The method as set forth in claim 28 with the step of combining further including the steps of:
    - embedding the verification key into the software; and
      
      embedding a user key verifier into the software, the user key verifier verifying, with the verification key, the relationship between the user key and the hashed-identifying information.
  - 30. The method as set forth in claim 28, with the step of combining further including the step of creating a self-installing distributable package containing the verification key, the software, and a user key verifier.
  - 31. The method as set forth in claim 30, further including the step of running the self-installing distributable package to embed the verification key and the user key verifier into the software.
  - 32. The method as set forth in claim 28, further comprising the step of storing the user key and the user-identifying information, licensing information, batch number, user token, date, or time.
  - 33. The method as set forth in claim 28, with the step of generating a verification key comprising the steps of:
    - generating, with the digital signature algorithm, a private signing key; and
      
      generating, with the digital signature algorithm, a public verification key.
  - 34. The method as set forth in claim 33 with the step of generating a user key comprising the step of signing, using the digital signature algorithm, the numeric representation with the private signing key.
  - 35. The method as set forth in claim 28, with the step of conveying the user key including the step of conveying the user key via document, electronic mail (e-mail), or a network transaction.
  - 36. The method as set forth in claim 28, with the step of verifying including the step of verifying at any of specific date and time, or with a desired frequency.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Greater Boston Authentication Solutions, LLC
Original Assignee
Christian Bielefeldt Hicks, Peter Janssen Creath
Inventors
Hicks, Christian Bielefeldt, Creath, Peter Janssen
Primary Examiner(s)
Worjloh, Jalatee

Application Number

US10/402,237
Publication Number

US 20040030903A1
Time in Patent Office

1,814 Days
Field of Search

705 50- 59, 726 23- 33, 713/176, 713/175, 380277-279
US Class Current

705/51
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 2211/007   Encryption, En-/decode, En-...

G06Q 40/04   Trading; Exchange, e.g. sto...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 9/0866   involving user or device id...

H04L 9/3247   involving digital signatures

Remote authorization for unlocking electronic data system and method

First Claim

1 Assignment

Litigations

0 Petitions

Accused Products

Abstract

22 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

Remote authorization for unlocking electronic data system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

Litigations

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links