This invention relates to security mechanisms which prevent unauthorized use of the software, and in particular to mechanisms which prevent the unauthorized use of software on more than one computer.
Various security mechanisms have been heretofore devised for preventing the use of software without authorization of the software supplier. These have included hardware security devices, which must be attached to a computer before the software can run on the computer. Typically, the software that is to run includes an inquiry which looks for an indication that the hardware device has been installed. Such hardware security devices assure that the software will only execute on one computer at any one time. These hardware devices can, however, be relatively expensive and moreover need to be adaptable to various types of computers in which they are to be attached.
Other security mechanisms include software devices that look for an identification of the computer in which the software is to be installed rather than the presence of any hardware device. Such software devices often require complex algorithms to generate a unique association of the program to be run with the identification of the host computer. These software devices may still require that other hardware devices be connected to the host computer in order to establish the unique association of the program to be run with the target computer. Such a system is disclosed in U.S. Pat. No. 4,683,553 which requires that a card reader be used to associate the program to be run with the host computer.
It is an object of the invention to provide a software security mechanism which authorizes run time execution of certain software only after generating an association of the software to be run with a single computer in a manner that does not require. extremely complex algorithms or the attachment of any additional devices to the target computer.
The above and other objects of the invention are achieved by a load program that must be successfully executed by a targeted computer any time a user wishes to install particular software into the targeted computer. The load program will cause the targeted computer to read the amount of time indicated by an internal system clock within the computer to which the software is to be installed. The computer furthermore reads an internally coded identification of the operating system software installed in the computer. The computer proceeds to generate an intermediate code that is a function of the read amount of time from the system clock and the internally coded identification of the operating system. The thus computed code is preferably displayed to the user.
In a preferred embodiment, the user understands that the displayed code is to be communicated to the software supplier along with a brief description of the software that the user wishes to install in the computer. The software supplier maintains a secret ID code for the described software. The software supplier generates a password which is a function of the code generated by the user""s computer and the secret ID code for the described software. The thus generated password is communicated to the user with instructions to again run the load program.
When the load program is run again, the previously stored time indicated by the system clock is read along with the internally coded identification of the operating system. The above two values are again used to compute the intermediate code that was previously displayed to the user. The computer proceeds to calculate an internal key using the same mathematical function used by the supplier to compute the password communicated to the user. This mathematical function is a function of the newly generated intermediate code and the secret ID code for the software to be installed. In this regard, the secret ID code for the software to be installed is preferably imbedded in the software so that it may be read by the load program. The load program next requires the target computer to request that the user enter the password that has been provided by the software supplier. The user entered password provided by the software supplier is then compared with the internally computed key that has been generated using the same mathematical algorithm used by the software provider. The load program authorizes the running of the particular software in the event that the internally computed key matches the entered password.