WO2001069353A1 - A method and a system for preventing unauthorised use of computer programs in electronic commerce - Google Patents

A method and a system for preventing unauthorised use of computer programs in electronic commerce Download PDF

Info

Publication number
WO2001069353A1
WO2001069353A1 PCT/SE2001/000515 SE0100515W WO0169353A1 WO 2001069353 A1 WO2001069353 A1 WO 2001069353A1 SE 0100515 W SE0100515 W SE 0100515W WO 0169353 A1 WO0169353 A1 WO 0169353A1
Authority
WO
WIPO (PCT)
Prior art keywords
program
computer
data
user
computer network
Prior art date
Application number
PCT/SE2001/000515
Other languages
French (fr)
Inventor
Örjan Vestgöte
Original Assignee
Vestgoete Oerjan
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vestgoete Oerjan filed Critical Vestgoete Oerjan
Priority to AU2001242920A priority Critical patent/AU2001242920A1/en
Publication of WO2001069353A1 publication Critical patent/WO2001069353A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs

Definitions

  • the present invention relates in a first aspect to a method for preventing unauthorised use of computer programs downloaded into a computer from a computer network.
  • a second aspect of the present invention relates to at least one computer program product for preventing unauthorised use of programs downloaded into a computer from a computer network.
  • a third aspect of the present invention relates to a system for preventing unauthorised use of programs downloaded into a computer from a computer network.
  • JP-11-249892 shows a method to be already known for preventing pirate- copying of software. An empty licence database is automatically produced upon installation of a program to be distributed.
  • the licence information registered in a smart card is entered into the database.
  • the program can only be run if the requisite licence is obtained from the data- base.
  • the licence information is then registered on the smart card which has a CPU unit that cannot be physically reproduced.
  • a drawback with this method is that the user's computer must be connected to the database when the program is started.
  • One object of the present invention is to solve the problems mentioned above. Another object of the present invention is to provide a secure way of selling/distributing software in electronic form via the Internet, for instance, and obtaining protection against pirate-copying.
  • a method for preventing unauthorised use of computer programs downloaded into a computer from a computer network comprises the steps of:
  • connection is encrypted.
  • method also comprises the steps of:
  • the method also comprises the steps of:
  • the encryption program is arranged in the user's computer or in the data carrier, and if the encryption program encrypts or signs the data set with the aid of the user's code.
  • a further advantage is obtained in this context if the step of modifying a data-area (A) is performed by the formatting program entering the data set and the signature in the data-area (A).
  • the step is performed of:
  • the step is performed of: • the program verifying the signature in the data-area (A).
  • a further advantage in this context is obtained if the encryption program is in communication with the formatting program by means of an encrypted connection.
  • the data-area (A) consists of a data file.
  • the data-area (A) consists of a part of the program or the whole program.
  • the data-area (A) consists of a combination of the above-mentioned alternatives.
  • An additional advantage is obtained in this context if the user's code consists of a certificate.
  • the certificate consists of a public/private key.
  • the data carrier consists of a smart card.
  • the data carrier consists of an "iButton®”.
  • Another object of the present invention is to provide at least one computer program product directly downloadable into the internal memory of at least one digital computer.
  • the at least one computer program product comprises program code parts for performing the steps in the method in accordance with the present invention when said at least one product is run on said at least one computer.
  • the principal advantage with the computer program product(s) in accordance with the present invention is that it/they provide(s) a secure way of selling/distributing software in electric form via the Internet, for instance. It/they also provide(s) protection against pirate-copying.
  • Another object of the present invention is to provide a system for preventing unauthorised use of programs downloaded into a computer from a computer network.
  • the system comprises a computer network having at least one memory unit comprising various programs, each program including a code unique to that particular program.
  • the system also comprises at least one computer, each computer being dedicated a user, and at least one portable data carrier, each data carrier being dedicated a user.
  • the system also comprises one comparator per program, whereby a program ordered by a user is downloaded into the user's computer and, upon execution of said program, reads the at least one code stored in the data carrier or in a memory in the user's computer, whereupon the comparator compares this at least one code with the code unique to the program.
  • the program is terminated or one or more program functions in the program can- not be used if the comparison does not result in agreement between the codes compared. On the other hand, the program can be fully utilised if the comparison results in agreement between the compared codes.
  • the principal advantage with this system is that it provides a secure way of selling/distributing software in electronic form via the Internet, for instance. It also provides protection against pirate copying.
  • each memory unit in the computer network is a host from which a formatting program can be downloaded to the user's computer, which formatting program receives information about one or more codes and enters these into the data carrier.
  • each memory unit in the computer network is a host comprising a formatting program that can transmit a data set to an encryption program arranged in the user's computer or in the data carrier which can encrypt or sign the data set with the aid of the user's code and transmit the result to the formatting program which can modify a data- area (A) in a manner unique to the user, each program being associated with a data-area (A).
  • the formatting program in the host modifies the data-area (A) by entering the data set and signature into the data- area (A), whereafter the program and the modified data-area (A) are downloaded to the user's computer, whereafter the program decodes the data-area (A) or verifies the signature in the data-area (A) by means of the user's code.
  • the formatting program in the host modifies the data-area (A) by entering the data set and signature into the data-area (A), whereafter the user's computer downloads the program from the host, whereafter the program and the modified data-area (A) are downloaded to the data carrier, whereupon the comparator compares whether the content in the data-area (A) is in agreement with the user's code.
  • the data carrier consists of a smart card.
  • the data carrier consists of an "iButton®”.
  • Figure 1 is a flowchart for a method for preventing unauthorised use of pro- grams downloaded into a computer from a computer network, in accordance with the invention
  • Figure 2 shows a diagrammatic representation of some computer program products in accordance with the present invention
  • Figure 3 shows a block diagram of a system for preventing unauthorised use of programs downloaded into a computer from a computer network, in accordance with the invention.
  • Figure 1 shows a flowchart for a method for preventing unauthorised use of programs downloaded into a computer from a computer network.
  • the method starts at block 10.
  • the method continues with the step of: the user identifying himself to the sales/ distribution point via the computer network.
  • the method continues at block 14 with the sales point acknowledging the identification via the computer network.
  • the next step, at block 16, comprises the user ordering a program via the computer network.
  • the method continues at block 18 with the program ordered being downloaded into the user's computer.
  • the next step, at block 20, comprises the program, upon execution, reading at least one code stored in a portable data carrier or in a memory in the user's computer and comparing this at least one code with a unique code for the program, as can be seen at block 22.
  • the user has a data carrier that can be entered and read by programs in the user's computer.
  • the data carrier may be a fixed or a movable memory unit, e.g. a fixed or portable hard disk, a floppy disk or a smart card, or some other type of memory unit e.g. "iButton®" or iKey®.
  • An iButton® is a portable unit provided with a microprocessor and a memory.
  • the memory may be of ROM type or a read/write memory.
  • the unit may also be provided with other func- tions such as various types of encrypting functions.
  • An iButton® can be connected to the serial or parallel port of a computer.
  • An iKey® comprises in principle functionally equivalent parts to an iButton®, but can be connected to the USB
  • Each iButton® or iKey® also has an exclusive identity.
  • a code/ signature for each program to be protected is entered into the data carrier.
  • Each data carrier may contain one or more codes/signatures.
  • Programs for sales or distribution are available from a host in the computer network for downloading to the user's computer.
  • the host may be either a server or a client computer.
  • a server often differs from the hardware aspect from the client computers. The difference may be, for instance, that the server has a reserve cur- rent supply with automatic current switching, so-called UPS (Uninterruptible Power Supply), large disk memories, magnetic band unit, etc.
  • UPS Uninterruptible Power Supply
  • the host is also provided with a formatting program designed for downloading to and execution on the user's computer.
  • the formatting program is in communication with the host via a connection, which may be encrypted.
  • the formatting program receives information as to which code/ signature shall be entered into the data carrier.
  • the formatting program then enters one or more signatures into the data carrier.
  • the program is executed it attempts to enter "its" code/signature in the data carrier. If the correct code/signature is not found, the program is terminated or one or more functions will not be available in the program.
  • the formatting program can also send status messages to the host to count down the customer's order balance, for instance.
  • the use has a code/certificate stored on the hard disk of the user's computer or in a special data carrier that can be written and read by programs in the user's computer.
  • a data-area A exists for each program for sales/distribution.
  • the programs are available at a host in the computer network for downloading to the user's computer.
  • a formatting program is also on the host, designed to modify the data-area (A) in a manner unique to the user.
  • In the user's computer or in the data carrier is an encryption program which can encrypt or sign a data set received.
  • the encryption program in the data carrier or in the user's computer is in communication with the formatting program in the host. This connection may be encrypted.
  • the formatting program transmits a data set to the encryption program.
  • the encryption program encrypts or signs the data set using the user's code/certificate, and sends the data set and signature back to the formatting program.
  • the formatting program enters the data set and signature into the data-area A.
  • the program is then downloaded to the user's computer together with the data-area A.
  • the program can decode the data-area A or verify the signature in the data-area A.
  • the data-area A can be sent to the data carrier for corresponding operation or check that the content in the data-area A matches the user's code/certificate.
  • the code/ certificate may be a public/private key, for instance.
  • the data carrier may be a fixed or movable memory unit, e.g. a fixed or portable hard disc, a floppy disk or a smart card, or some other type of memory unit e.g. "iButton®" or iKey®.
  • An iButton® is a portable unit provided with a microprocessor and a memory.
  • the memory may be of ROM type or a read/write memory.
  • the unit may also be provided with other functions such as various types of encrypting functions.
  • An iButton® can be connected to the serial or parallel port of a computer.
  • An iKey® comprises in principle functionally equivalent parts to an iButton®, but can be connected to the USB
  • Each iButton® or iKey® also has an exclu- sive identity.
  • Figure 2 shows a schematic representation of some computer program products in accordance with the invention.
  • Figure 2 shows n different digital computers 100 ⁇ , ...., 100n, where n is an integer. It also shows n different computer program 1021 102n, illustrated here as CDs.
  • These computer program prod- ucts 102-1 , ...., 102n may be any type of computer-readable medium, such as floppy disks, smart cards or the like.
  • the various computer program products 102 ⁇ , ...., 102 n can be downloaded directly into the internal memory of the various digital computers 100-
  • Each computer program product comprises program code parts to perform certain or all the steps in accordance with Figure 1 when the product(s) is/are run in said computers.
  • Figure 3 shows a block diagram of a system for preventing unauthorised use of programs downloaded into a computer from a computer network, in accor- dance with the invention.
  • the system 30 comprises a computer network 32 having at least one memory unit 34.
  • the memory unit(s) 34 comprise(s) various programs 36 for sale/distribution. Each program 36 includes a unique code.
  • the system 30 also comprises at least one computer 38, each computer 38 being dedicated a user.
  • Figure 3 shows n different computers 38 ⁇ , , 38 n .
  • the system 30 also comprises at least one data carrier 40, each data carrier being dedicated a user.
  • Figure 3 shows n different data carriers 40 ⁇ , , 40 n .
  • the system also comprises one comparator 42 (for the sake of simplicity only one is shown) per program 36.
  • a program 36 ordered by a user is downloaded into the user's computer 38 and, upon execution of said program 36, reads the at least one code stored in the data carrier 40 or in a memory in the user's computer 38, whereupon the comparator 42 compares this at least one code with the code unique to the program 36.
  • the program 36 is terminated or one or more program functions in the program 36 cannot be used if the comparison does not result in agreement between the codes compared. However, the program 36 can be fully utilised if the com- parison results in agreement between the compared codes.
  • the system 30 in accordance with the present invention can function, for instance, in accordance with the two embodiments described above in conjunction with Figure 1.

Abstract

The present invention relates to a method and a system for preventing unauthorised use of computer programs in electronic commerce. The method comprises the steps of: the user identifying himself to the sales point via the computer network; the sales point acknowledging the identification via the computer network; the user ordering a program via the computer network; the program ordered being downloaded into the user"s computer; the program, upon execution, reading at least one code stored in a portable data carrier or in a memory in the user"s computer and comparing this at least one code with a unique code for the program; and the program being terminated or one or more program functions in the program being unusable if the comparison step does not result in agreement between the codes compared; or the program being perfectly usable if the comparison step results in agreement between the codes compared.

Description

A METHOD AND A SYSTEM FOR PREVENTING UNAUTHORISED USE OF COMPUTER PROGRAMS IN ELECTRONIC COMMERCE
Technical field The present invention relates in a first aspect to a method for preventing unauthorised use of computer programs downloaded into a computer from a computer network.
A second aspect of the present invention relates to at least one computer program product for preventing unauthorised use of programs downloaded into a computer from a computer network.
A third aspect of the present invention relates to a system for preventing unauthorised use of programs downloaded into a computer from a computer network.
Background art
Pirate-copying of software is carried on to a considerable extent nowadays. Pirate-copying entails software being copied and used by more users than is permitted by the user licence. It is estimated that more that 50% of all software is pirate-copied in one or more links. This naturally constitutes a major problem for the software industry.
Currently methods exist for protecting programs from illegal copying by connecting the program to a data carrier containing an identity or signature that is unique to the program. In order to function, the program must be able to read and approve the signature. The software and hardware are supplied to the customer together with documentation.
A considerable drawback with the known method mentioned above is the supply route from software manufacturer via printer (documentation), CD-ROM manufacturer, distributor, retailer to the final customer.
An arrangement is known through WO-97/03398 for protecting software against use without permission from the copyright owner.
By encrypting the program by means of a key (K1 ) that is separate from the key (K2) used for decoding, better protection is obtained against unauthorised use if the decoding key is kept secret from the user. Even better security is achieved by encrypting - decoding the communication between the computer in which the program is used and the external unit in which the decoding key is stored. The external unit is also arranged so that the host computer returns the result from its processing of data received from the host computer, which result is utilised in the further execution of the program in question. JP-11-249892 shows a method to be already known for preventing pirate- copying of software. An empty licence database is automatically produced upon installation of a program to be distributed. For the purpose of using this program the licence information registered in a smart card is entered into the database. The program can only be run if the requisite licence is obtained from the data- base. The licence information is then registered on the smart card which has a CPU unit that cannot be physically reproduced. A drawback with this method is that the user's computer must be connected to the database when the program is started.
Through the patent US-A-5, 919,247 a method is known for distributing code and data updates to thousands of customers via a network. The software applications are called "channels" and the client is called a "tuner". The use of channels is based on subscription. The end user must subscribe to the channel before it can be executed. When the end user subscribes to a channel, the appropriate code and the data set are downloaded to the local hardware, and once the channel has been downloaded it can be executed many times without requiring further access to the network. The channels can be regularly updated by the tuner and this means that the end user no longer needs to install software-updating manually. Instead these program and data updates occur automatically in the background. None of the above-mentioned documents shows a simple and efficient solution to the problem mentioned above.
Summary of the invention
One object of the present invention is to solve the problems mentioned above. Another object of the present invention is to provide a secure way of selling/distributing software in electronic form via the Internet, for instance, and obtaining protection against pirate-copying.
In accordance with a first aspect of the present invention a method is provided for preventing unauthorised use of computer programs downloaded into a computer from a computer network. The method comprises the steps of:
• the user identifying himself to the sales/distribution point via the computer network;
• the sales/distribution point acknowledging the identification via the computer network;
• the user ordering a program via the computer network;
• the program ordered being downloaded into the user's computer;
• the program, upon execution, reading at least one code stored in a portable data carrier or in a memory in the user's computer and comparing this at least one code with a unique code for the program; and
• the program being terminated or one or more program functions in the program being unusable if the comparison step does not result in agreement between the codes compared; or
• the program being perfectly usable if the comparison step results in agreement between the codes compared. The principal advantage with this method is that it provides a secure way to sell/distribute software in electric form via the Internet, for instance. It also provides protection against pirate-copying.
It is an additional advantage if the method also comprises the steps of:
• downloading a formatting program from a host in the computer network; and • the formatting program receiving information concerning one or more codes, and entering these into the data carrier.
An additional advantage in this context is obtained if the formatting program is associated with the host via a connection.
In this context it is an advantage if the connection is encrypted. A further advantage is obtained in this context if the method also comprises the steps of:
• the user paying electronically for the program ordered; and
• the formatting program thereafter sending a status message to the host for the relevant order balance. In accordance with a second embodiment the method also comprises the steps of:
• a formatting program accessible on a host in the computer network transmitting a data set to an encryption program;
• the encryption program encrypting or signing the data set and transmitting the result to the formatting program; and
• the formatting program modifying a data-area (A) in a manner unique to the user, whereby each program is associated with a data-area (A).
In this context it is an advantage if the encryption program is arranged in the user's computer or in the data carrier, and if the encryption program encrypts or signs the data set with the aid of the user's code.
A further advantage is obtained in this context if the step of modifying a data-area (A) is performed by the formatting program entering the data set and the signature in the data-area (A). In this context it is advantageous if, after the step of modifying the data- area (A), the step is performed of:
• downloading the program with the modified data-area (A) to the user's computer.
A further advantage is gained in this context if, after the step of download- ing the program and the modified data-area (A), the step is performed of:
• the program decoding the data-area (A) by means of the user's code.
In accordance with another embodiment of the method, after the step of downloading the program and the modified data-area (A), the step is performed of: • the program verifying the signature in the data-area (A).
In this context it is advantageous if, after the step of modifying the data- area (A), the steps are performed of:
• downloading the program to the user's computer;
• downloading the data-area (A) to the data carrier for comparison of whether the content in the data-area (A) agrees with the user's code.
A further advantage in this context is obtained if the encryption program is in communication with the formatting program by means of an encrypted connection.
In this context it is advantageous if the data-area (A) consists of a data file.
In accordance with another embodiment of the method the data-area (A) consists of a part of the program or the whole program.
In this context it is an advantage if the data-area (A) consists of a combination of the above-mentioned alternatives. An additional advantage is obtained in this context if the user's code consists of a certificate.
In this context it is advantageous if the certificate consists of a public/private key. An additional advantage is obtained in this context if the data carrier consists of a smart card.
In accordance with a further embodiment of the method the data carrier consists of an "iButton®".
Another object of the present invention is to provide at least one computer program product directly downloadable into the internal memory of at least one digital computer. The at least one computer program product comprises program code parts for performing the steps in the method in accordance with the present invention when said at least one product is run on said at least one computer. The principal advantage with the computer program product(s) in accordance with the present invention is that it/they provide(s) a secure way of selling/distributing software in electric form via the Internet, for instance. It/they also provide(s) protection against pirate-copying.
Another object of the present invention is to provide a system for preventing unauthorised use of programs downloaded into a computer from a computer network. The system comprises a computer network having at least one memory unit comprising various programs, each program including a code unique to that particular program. The system also comprises at least one computer, each computer being dedicated a user, and at least one portable data carrier, each data carrier being dedicated a user. The system also comprises one comparator per program, whereby a program ordered by a user is downloaded into the user's computer and, upon execution of said program, reads the at least one code stored in the data carrier or in a memory in the user's computer, whereupon the comparator compares this at least one code with the code unique to the program. The program is terminated or one or more program functions in the program can- not be used if the comparison does not result in agreement between the codes compared. On the other hand, the program can be fully utilised if the comparison results in agreement between the compared codes. The principal advantage with this system is that it provides a secure way of selling/distributing software in electronic form via the Internet, for instance. It also provides protection against pirate copying.
In this context it is advantageous if each memory unit in the computer network is a host from which a formatting program can be downloaded to the user's computer, which formatting program receives information about one or more codes and enters these into the data carrier.
An additional advantage in this context is if the formatting program is associated with the host via an encrypted connection.
In accordance with an additional embodiment of the system each memory unit in the computer network is a host comprising a formatting program that can transmit a data set to an encryption program arranged in the user's computer or in the data carrier which can encrypt or sign the data set with the aid of the user's code and transmit the result to the formatting program which can modify a data- area (A) in a manner unique to the user, each program being associated with a data-area (A). It is in this context advantageous if the formatting program in the host modifies the data-area (A) by entering the data set and signature into the data- area (A), whereafter the program and the modified data-area (A) are downloaded to the user's computer, whereafter the program decodes the data-area (A) or verifies the signature in the data-area (A) by means of the user's code. In accordance with a further embodiment of the system the formatting program in the host modifies the data-area (A) by entering the data set and signature into the data-area (A), whereafter the user's computer downloads the program from the host, whereafter the program and the modified data-area (A) are downloaded to the data carrier, whereupon the comparator compares whether the content in the data-area (A) is in agreement with the user's code.
It is in this context advantageous if the data carrier consists of a smart card.
In accordance with a further embodiment of the system the data carrier consists of an "iButton®".
It should be emphasised that when the term "comprise(s)" is used in this description, it should be interpreted as indicating the presence of the stated feature, step or component but not excluding the presence of one or more other feature, step, component or group thereof. Brief description of the drawings
The embodiments in accordance with the invention will now be described with reference to the accompanying drawings, in which
Figure 1 is a flowchart for a method for preventing unauthorised use of pro- grams downloaded into a computer from a computer network, in accordance with the invention; Figure 2 shows a diagrammatic representation of some computer program products in accordance with the present invention, and; Figure 3 shows a block diagram of a system for preventing unauthorised use of programs downloaded into a computer from a computer network, in accordance with the invention.
Detailed description of embodiments
Figure 1 shows a flowchart for a method for preventing unauthorised use of programs downloaded into a computer from a computer network. The method starts at block 10. At block 12 the method continues with the step of: the user identifying himself to the sales/ distribution point via the computer network. The method continues at block 14 with the sales point acknowledging the identification via the computer network. The next step, at block 16, comprises the user ordering a program via the computer network. The method continues at block 18 with the program ordered being downloaded into the user's computer. The next step, at block 20, comprises the program, upon execution, reading at least one code stored in a portable data carrier or in a memory in the user's computer and comparing this at least one code with a unique code for the program, as can be seen at block 22. In the event of a negative answer the method continues to block 24 which results in the program being terminated or one or more program functions in the program being unusable. If the answer is affirmative, however, the method will continue to block 26 and results in the program being perfectly usable, i.e. it can be fully executed. The method is then concluded at block 28. Naturally these steps can be repeated several times if a user wishes to order several different programs on different occasions, for instance.
In accordance with a first embodiment of the method according to the present invention, the user has a data carrier that can be entered and read by programs in the user's computer. The data carrier may be a fixed or a movable memory unit, e.g. a fixed or portable hard disk, a floppy disk or a smart card, or some other type of memory unit e.g. "iButton®" or iKey®. An iButton® is a portable unit provided with a microprocessor and a memory. The memory may be of ROM type or a read/write memory. The unit may also be provided with other func- tions such as various types of encrypting functions. An iButton® can be connected to the serial or parallel port of a computer. An iKey® comprises in principle functionally equivalent parts to an iButton®, but can be connected to the USB
(Universal Serial Bus) of a computer. Each iButton® or iKey® also has an exclusive identity. A code/ signature for each program to be protected is entered into the data carrier. Each data carrier may contain one or more codes/signatures. Programs for sales or distribution are available from a host in the computer network for downloading to the user's computer. The host may be either a server or a client computer. A server often differs from the hardware aspect from the client computers. The difference may be, for instance, that the server has a reserve cur- rent supply with automatic current switching, so-called UPS (Uninterruptible Power Supply), large disk memories, magnetic band unit, etc. The host is also provided with a formatting program designed for downloading to and execution on the user's computer. The formatting program is in communication with the host via a connection, which may be encrypted. When the user has been approved by the host, e.g. after payment for software ordered, the formatting program receives information as to which code/ signature shall be entered into the data carrier. The formatting program then enters one or more signatures into the data carrier. When the program is executed it attempts to enter "its" code/signature in the data carrier. If the correct code/signature is not found, the program is terminated or one or more functions will not be available in the program. The formatting program can also send status messages to the host to count down the customer's order balance, for instance.
In accordance with a second embodiment of the method according to the present invention the use has a code/certificate stored on the hard disk of the user's computer or in a special data carrier that can be written and read by programs in the user's computer. A data-area A exists for each program for sales/distribution. The programs are available at a host in the computer network for downloading to the user's computer. A formatting program is also on the host, designed to modify the data-area (A) in a manner unique to the user. In the user's computer or in the data carrier is an encryption program which can encrypt or sign a data set received. The encryption program in the data carrier or in the user's computer is in communication with the formatting program in the host. This connection may be encrypted. When the user is approved by the host, e.g. when the program or- dered has been paid for, the formatting program transmits a data set to the encryption program. The encryption program encrypts or signs the data set using the user's code/certificate, and sends the data set and signature back to the formatting program. The formatting program enters the data set and signature into the data-area A. The program is then downloaded to the user's computer together with the data-area A. With the aid of the user's code/certificate the program can decode the data-area A or verify the signature in the data-area A. Alternatively the data-area A can be sent to the data carrier for corresponding operation or check that the content in the data-area A matches the user's code/certificate. If the signature does not match the code/certificate the program will be terminated or one or more programs will be unavailable in the program. The code/ certificate may be a public/private key, for instance. The data carrier may be a fixed or movable memory unit, e.g. a fixed or portable hard disc, a floppy disk or a smart card, or some other type of memory unit e.g. "iButton®" or iKey®. An iButton® is a portable unit provided with a microprocessor and a memory. The memory may be of ROM type or a read/write memory. The unit may also be provided with other functions such as various types of encrypting functions. An iButton® can be connected to the serial or parallel port of a computer. An iKey® comprises in principle functionally equivalent parts to an iButton®, but can be connected to the USB
(Universal Serial Bus) of a computer. Each iButton® or iKey® also has an exclu- sive identity.
Figure 2 shows a schematic representation of some computer program products in accordance with the invention. Figure 2 shows n different digital computers 100ι , ...., 100n, where n is an integer. It also shows n different computer program 1021 102n, illustrated here as CDs. These computer program prod- ucts 102-1 , ...., 102n, may be any type of computer-readable medium, such as floppy disks, smart cards or the like. The various computer program products 102ι , ...., 102n, can be downloaded directly into the internal memory of the various digital computers 100-| , ...., 100n- Each computer program product comprises program code parts to perform certain or all the steps in accordance with Figure 1 when the product(s) is/are run in said computers.
Figure 3 shows a block diagram of a system for preventing unauthorised use of programs downloaded into a computer from a computer network, in accor- dance with the invention. The system 30 comprises a computer network 32 having at least one memory unit 34. The memory unit(s) 34 comprise(s) various programs 36 for sale/distribution. Each program 36 includes a unique code. The system 30 also comprises at least one computer 38, each computer 38 being dedicated a user. Figure 3 shows n different computers 38ι , , 38n. The system 30 also comprises at least one data carrier 40, each data carrier being dedicated a user. Figure 3 shows n different data carriers 40ι , , 40n. The system also comprises one comparator 42 (for the sake of simplicity only one is shown) per program 36. A program 36 ordered by a user is downloaded into the user's computer 38 and, upon execution of said program 36, reads the at least one code stored in the data carrier 40 or in a memory in the user's computer 38, whereupon the comparator 42 compares this at least one code with the code unique to the program 36. The program 36 is terminated or one or more program functions in the program 36 cannot be used if the comparison does not result in agreement between the codes compared. However, the program 36 can be fully utilised if the com- parison results in agreement between the compared codes.
The system 30 in accordance with the present invention can function, for instance, in accordance with the two embodiments described above in conjunction with Figure 1.
The invention is not limited to the embodiments described above. It is ob- vious to one skilled in the art that many different modifications are possible within the scope of the appended claims.

Claims

1. A method for preventing unauthorised use of programs downloaded into a computer from a computer network, which method comprises the steps of: • the user identifying himself to the sales point via the computer network;
• the sales point acknowledging the identification via the computer network;
• the user ordering a program via the computer network;
• the program ordered being downloaded into the user's computer;
• the program, upon execution, reading at least one code stored in a portable data carrier or in a memory in the user's computer and comparing this at least one code with a unique code for the program; and
• the program being terminated or one or more program functions in the program being unusable if the comparison step does not result in agreement between the codes compared; or • the program being perfectly usable if the comparison step results in agreement between the codes compared.
2. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim , characterized in that the method also comprises the steps of:
• downloading a formatting program from a host in the computer network; and
• the formatting program receiving information concerning one or more codes, and entering these into the data carrier.
3. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 2, characterized in that the formatting program is associated with the host via a connection.
4. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 3, characterized in that the connection is encrypted.
5. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 2-4, charac- terized in that the method also comprises the steps of:
• the user paying electronically for the program ordered; and
• the formatting program thereafter sending a status message to the host for the relevant order balance.
6. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 1 , characterized in that the method also comprises the steps of:
• a formatting program accessible on a host in the computer network transmitting a data set to an encryption program;
• the encryption program encrypting or signing the data set and transmitting the result to the formatting program; and
• the formatting program modifying a data-area (A) in a manner unique to the user, whereby each program is associated with a data-area (A).
7. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 6, characterized in that the encryption program is arranged in the user's computer or in the data carrier, and in that the encryption program encrypts or signs the data set with the aid of the user's code.
8. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 7, characterized in that the step of modifying a data-area (A) is performed by the formatting program en- tering the data set and the signature in the data-area (A).
9. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 8, characterized in that after the step of modifying the data-area (A) the step is performed of: • downloading the program with the modified data-area (A) to the user's computer.
10. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 9, characterized in that after the step of downloading the program and the modified data-area (A) the step is performed of:
• the program decoding the data-area (A) by means of the user's code.
11. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 9, characterized in that after the step of downloading the program and the modified data-area (A) the step is performed of:
• the program verifying the signature in the data-area (A).
12. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 8, characterized in that after the step of modifying the data-area (A) the steps are performed of:
• downloading the program to the user's computer; • downloading the data-area (A) to the data carrier for comparison of whether the content in the data-area (A) agrees with the user's code.
13. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 6-12, charac- terized in that the encryption program is in communication with the formatting program by means of an encrypted connection.
14. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 6-13, charac- terized in that the data-area (A) consists of a data file.
15. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 6-13, characterized in that the data-area (A) consists of a part of the program or the whole program.
16. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 14-15, characterized in that the data-area (A) consists of a combination of the alternatives defined in claims 14 and 15.
17. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 6-16, charac- terized in that the user's code consists of a certificate.
18. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in claim 17, characterized in that the certificate consists of a public/private key.
19. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 1-18, characterized in that the data carrier consists of a smart card.
20. A method for preventing unauthorised use of programs downloaded into a computer from a computer network as claimed in any one of claims 1-18, characterized in that the data carrier consists of an "iButton".
21. At least one computer program product (1021 , 102n) directly down- loadable into the internal memory of at least one digital computer (100ι , ....,
100n), comprising program code parts for performing the steps claimed in claim 1 when said at least one product (102-| , ...., 102n) is run on said at least one computer (1001 , 100n).
22. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, which system comprises a computer network having at least one memory unit comprising various programs, characterized in that each program includes a code unique to that program, which system also comprises at least one computer, each computer being dedicated a user, and at least one portable data carrier, each data carrier being dedicated a user, which system also comprises one comparator per program, whereby a program ordered by a user is downloaded into the user's computer and, upon execution of said program, reads the at least one code stored in the data carrier or in a memory in the user's computer, whereupon the comparator compares this at least one code with the code unique to the program, whereupon the program is terminated or one or more program functions in the program cannot be used if the comparison does not result in agreement between the codes compared, or that the program can be fully utilised if the comparison results in agreement between the compared codes.
23. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, as claimed in claim 22, characterized in that each memory unit in the computer network is a host from which a formatting program can be downloaded to the user's computer, which formatting program re- ceives information about one or more codes and enters these into the data carrier.
24. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, as claimed in claim 22, characterized in that the formatting program is associated with the host via an encrypted connection.
25. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, as claimed in claim 22, characterized in that each memory unit in the computer network is a host comprising a formatting pro- gram that can transmit a data set to an encryption program arranged in the user's computer or in the data carrier which can encrypt or sign the data set with the aid of the user's code and transmit the result to the formatting program which can modify a data-area (A) in a manner unique to the user, each program being associated with a data-area (A).
26. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, as claimed in claim 25, characterized in that the formatting program in the host modifies the data-area (A) by entering the data set and signature into the data-area (A), whereafter the program and the modified data-area (A) are downloaded to the user's computer, whereafter the program decodes the data-area (A) or verifies the signature in the data-area (A) by means of the user's code.
27. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, as claimed in claim 25, characterized in that the formatting program in the host modifies the data-area (A) by entering the data set and signature into the data-area (A), whereafter the user's computer downloads the program from the host, whereafter the program and the modified data- area (A) are downloaded to the data carrier, whereafter comparator compares whether the content in the data-area (A) is in agreement with the user's code.
28. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, as claimed in any of claims 22-27, character- ized in that the data carrier consists of a smart card.
29. A system for preventing unauthorised use of programs downloaded into a computer from a computer network, as claimed in any of claims 22-27, characterized in that the data carrier consists of an "iButton".
PCT/SE2001/000515 2000-03-13 2001-03-12 A method and a system for preventing unauthorised use of computer programs in electronic commerce WO2001069353A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001242920A AU2001242920A1 (en) 2000-03-13 2001-03-12 A method and a system for preventing unauthorised use of computer programs in electronic commerce

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE0000871-4 2000-03-13
SE0000871A SE0000871L (en) 2000-03-13 2000-03-13 A method and system for preventing unauthorized use of software in electronic commerce

Publications (1)

Publication Number Publication Date
WO2001069353A1 true WO2001069353A1 (en) 2001-09-20

Family

ID=20278829

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2001/000515 WO2001069353A1 (en) 2000-03-13 2001-03-12 A method and a system for preventing unauthorised use of computer programs in electronic commerce

Country Status (3)

Country Link
AU (1) AU2001242920A1 (en)
SE (1) SE0000871L (en)
WO (1) WO2001069353A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5337357A (en) * 1993-06-17 1994-08-09 Software Security, Inc. Method of software distribution protection
US5398285A (en) * 1993-12-30 1995-03-14 Motorola, Inc. Method for generating a password using public key cryptography
WO1997003398A1 (en) * 1995-07-13 1997-01-30 Sigbjoernsen Sigurd Protection of software against use without permit
US5651064A (en) * 1995-03-08 1997-07-22 544483 Alberta Ltd. System for preventing piracy of recorded media
US5982892A (en) * 1997-12-22 1999-11-09 Hicks; Christian Bielefeldt System and method for remote authorization for unlocking electronic data
US5982889A (en) * 1997-04-30 1999-11-09 Demont; Jason Paul Method and apparatus for distributing information products

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5337357A (en) * 1993-06-17 1994-08-09 Software Security, Inc. Method of software distribution protection
US5398285A (en) * 1993-12-30 1995-03-14 Motorola, Inc. Method for generating a password using public key cryptography
US5651064A (en) * 1995-03-08 1997-07-22 544483 Alberta Ltd. System for preventing piracy of recorded media
WO1997003398A1 (en) * 1995-07-13 1997-01-30 Sigbjoernsen Sigurd Protection of software against use without permit
US5982889A (en) * 1997-04-30 1999-11-09 Demont; Jason Paul Method and apparatus for distributing information products
US5982892A (en) * 1997-12-22 1999-11-09 Hicks; Christian Bielefeldt System and method for remote authorization for unlocking electronic data

Also Published As

Publication number Publication date
SE0000871D0 (en) 2000-03-13
AU2001242920A1 (en) 2001-09-24
SE0000871L (en) 2001-09-14

Similar Documents

Publication Publication Date Title
US5903650A (en) Method and apparatus for electronic license distribution
KR100240324B1 (en) Licensee notification system
EP1342149B1 (en) Method for protecting information and privacy
US6857067B2 (en) System and method for preventing unauthorized access to electronic data
US5754646A (en) Method for protecting publicly distributed software
US7146645B1 (en) Dedicated applications for user stations and methods for downloading dedicated applications to user stations
EP0809244B1 (en) Software copying system
US6684198B1 (en) Program data distribution via open network
US7134016B1 (en) Software system with a biometric dongle function
EP1334415B1 (en) Method and system for monitoring utilizing condition of contents
EP0968585A1 (en) Digital product rights management technique
JP2002373029A (en) Method for preventing illegal copy of software by using ic tag
US20040210821A1 (en) Method and system for secure distribution of digital documents
JP2004110646A (en) License issuance server, processor, software execution management device, license issuance method and license issuance program
JP2005518041A (en) Methods and configurations for protecting software
WO1998045768A1 (en) Method and system for networked installation of uniquely customized, authenticable, and traceable software applications
GB2149944A (en) Software distribution
JP2001175468A (en) Method and device for controlling use of software
Aura et al. Software License Management with Smart Cards.
EP1471405A1 (en) Method and device for protecting information against unauthorised use
US20040123126A1 (en) Method and apparatus for deterring piracy
WO2001069353A1 (en) A method and a system for preventing unauthorised use of computer programs in electronic commerce
JP2004086588A (en) Software malpractice preventing system
JP2002352146A (en) Method, system and program for charging contents parts and storage medium with contents parts charging program stored therein
US20020108024A1 (en) Method for protecting publicly distributed software

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ CZ DE DE DK DK DM DZ EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP