Several system management software applications require the availability of a comprehensive knowledge base that contains information on software products, which may be currently installed and running on a plurality of data processing systems. For example, license manager products like IBM Tivoli License Manager (ITLM) needs a knowledge base (i.e. a catalogue) to identify the products found on the managed systems and correctly metering and invoicing the use of such products. Normally this knowledge base is in the form of a catalogue which contains definitions of software products (e.g. product names and version) and the related signature. The software catalogue lists all the known products which can be found on the managed systems; each product can be identified by one or more executable modules indicative of its running. As an example, in the case of a License Manager product, a licensing agent working in the background detects the executable modules that have been launched; the licensing agent then identifies the corresponding products through the software catalogue.
One method largely employed today for obtaining an inventory of software installed on a computer system is to run an inventory application that tries to match pre-defined signatures against the results of scanning some known registries, the file systems or a combination of both. Creating a signature to be employed in the above process often requires an in-depth knowledge of the product to be discovered. Indeed, relying on a registry signature may cause false positives (e.g. when the un-install of the software product has left orphaned information in the registry). A file signature specifying both the name and size of a key product executable would rarely produce false positives. However, it can easily generate false negatives because of factors that may either change the file size (updates) or make it unpredictable (file is built by statically linking pre-requisite libraries which have different sizes depending on their version).
Product signatures that specify the size (or checksum) and name of a key file do not produce false positives, but there is a high cost for keeping the product signature catalogue (or Knowledge Base) up to date with changes that are introduced in the size or checksum of that file by each new product upgrade and patch. In practice, there must be one signature in the catalogue for each variant of the signature file that has been deployed in the field.