The various embodiments described herein relate to license management. Currently license servers use hardware related identifiers to prevent overuse of licenses. Identifiers generated by the hardware are employed to prevent the customer from enrolling the same license on more than one license server.
One limit of this approach is that a safe license management system cannot rely on a server running on a virtual machine because in such environment many servers can be started on one physical box with the same hardware identifier. All the virtual unique identifiers are due to their definition not permanent, so they cannot be used to extend in a reliable way the concept of a unique hardware identifier. Known license management solutions prevent the license server from starting on virtual platforms or rely on using additional hardware such as so called smart cards or secure cards to provide secure identifiers. The first solution is not acceptable in the current virtualized world. The second solution is expensive and uncomfortable.
Another limit is that backing up the license server requires buying twice the same license certificates for two (or more) different servers or relying on high availability solutions as described below. This kind of solution requires additional hardware and licenses which is an expensive cost factor and necessitates additional administration effort as the license administrator needs to administer and monitor more servers.
Another limit is that scalability and high availability are limited by complex algorithms that will allow sharing the same license certificate among more than one license server because of being a clustering technique for license server clusters, but with strict checks on the scalability itself. In current solutions it is not possible to scale to more than 12 license servers, and reaching such configuration is dependent on the initial size of the solution. This kind of solution foresees a perfect planning before setting up the license server cluster. An expansion which is faster than scheduled will require additional hardware and a new set of licenses, as the license certificates are tied to the cluster identifier. Because of this relation between certificates and cluster identifier, the cluster cannot scale indefinitely due to possible security breaches.
In U.S. Patent Application Publication No. 20080177560, an identifier (ID) lending system is disclosed which uses an ID management table having a correlation between an ID and a request source which specifies a source of a lending request of the ID. The ID management table includes entries such as an IP address, ID, timeout time, hardware ID characteristic of a licensing server at an ID-lending destination, e.g. a MAC address, and a final verification time. The IP address in the license management table refers to an IP address of a licensing server targeted for ID-lending, and the ID is an ID to be lent to the licensing server. The ID lending system lends differing IDs. An ID lending unit searches the ID management table for a request source upon receiving a lending request of an ID from the request source, replying with an ID to the request source wherein the ID corresponds to the request source. An ID lending continuation verification unit receives a lending continuation request for the ID from the request source to which the ID lending unit replied with the ID.
When a predetermined time period has not elapsed since the lending continuation request was received, the ID lending unit does not reply even when the lending request is received from the request source to which the ID lending unit replied. If an ID-lending continuation request for an ID is not received in the predetermined timeout time period, e.g. several minutes, from an ID lending destination (on an ID borrowing side) then the ID lending unit permits lending of the ID to another licensing server.