This invention relates to the securing of programs and tables and, in particular, to protecting actuation of features and software within a telecommunication switching system.
Within the prior art, it is well known to sell or lease software both from the point of view of the basic program and from the features that the program is allowed to implement. Normally, each release or version of a particular software package for a customer premise telecommunication switching system contains a large number of features; however, the customer chooses and pays for only a subset of the total number of features. Features in a telecommunications switching system refer to certain specialized operations such as call hold, call transfer, automatic route selection, etc. An ongoing problem in the art is to prevent newer versions of the software from being pirated and used on unauthorized switching systems, and to prevent the customer from actuating features for which the customer has not paid. Within telecommunications switching systems in the prior art, these problems have been addressed by using passwords that only allow authorized individuals to have access to the telecommunication switching system for enabling features or new software versions.
The problem of securing software is a common problem throughout the computer industry as well. Three methods have been utilized to address this problem. One is to distribute the software utilizing a CD-Rom and to include a key that must be entered to enable the software program. This solution does not solve the copying problem since the key is normally printed on the CD-Rom cover, and anyone can install the software as many times as they wish, however illegal it may be. A second method is to use a special piece of hardware that is commonly referred to as a "dongle". The dongle is a special piece of hardware that connects to the serial or parallel port of the computer. The software executing on the computer sends a random number to the dongle. The dongle performs a secret computation and returns a result. The software makes a like computation; if the two computations match, the software continues to run. To work satisfactorily, the response must include feature and version information. The use of the dongle is cumbersome when it fails. If the dongle fails, then the system is down until a new dongle can be physically obtained on site. Also, once made, the dongle is fixed. If it was used for feature activation, a new dongle is required for each additional feature that is purchased.
A third method (as described in PC Magazine, p. 35, December, 1998) is to freely distribute the CD-Rom disks. When the CD-Rom is inserted into a computer, the computer automatically connects to a remote server via the Internet or a dial up connection to receive a machine-specific key. The key unlocks the software so that it can be utilized on that computer. The remote server also obtains the necessary payment information from the computer user. The third method does not function well for a telecommunication switching system since it does not provide for the authorization to use different features of the same software application nor is it dependent on the version of the software being requested. In addition, it does not provide the necessary authorization of personnel to make such a request.
A departure in the art is achieved by an apparatus and method where a controlled application, such as a telecommunication application, periodically sends an encrypted message to a license server to request permission to run and to obtain a list of permitted features. The license server application is executing on the same processor as the controlled application. Also resident on the same system is a license file which contains a list of applications that are permitted to run, the version number of the permitted applications and a list of permitted features. The license server is responsive to the encrypted message from the controlled application to read and decrypt the license file, read the serial number of the processor controlling the telecommunications system, and compare the serial number obtained from the processor with the serial number stored in the license file. If there is a mismatch, no license is granted to the controlled application and it will not be allowed to run. If the serial numbers match, then a comparison is made between the version number received from the application and the corresponding version number associated with the application in the license file. If the version numbers do not match, an encrypted message is sent to the application denying it permission to run. If the version numbers match, an encrypted message is sent to the application granting it permission to run and listing the permitted features. To decrypt the license file, the license server utilizes a key that is assigned to the license server either globally or on a per system basis.
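The license check described above, sketched as an added example that is not code from the patent: the server decrypts the request and the license file, compares the processor serial number first, then the version, and only then returns the feature list. Assumptions: the JSON license layout and field names, a separate key for messages, all sample values, and an HMAC-SHA256 keystream with encrypt-then-MAC standing in for the unspecified cipher.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Stand-in cipher (assumption): HMAC-SHA256 counter-mode keystream, stdlib only.
    blocks = (hmac.new(key, b"ks" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt-then-MAC a JSON object; returns nonce || tag || ciphertext."""
    nonce, pt = os.urandom(12), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    """Verify the tag before decrypting; a modified blob raises ValueError."""
    nonce, tag, ct = blob[:12], blob[12:44], blob[44:]
    good = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("integrity check failed")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def license_server(request_blob, license_blob, processor_serial, file_key, msg_key):
    """Decision order from the text: serial number first, then version, then grant."""
    req = unseal(msg_key, request_blob)
    lic = unseal(file_key, license_blob)
    entry = lic["applications"].get(req["application"])
    if lic["serial"] != processor_serial:
        reply = {"run": False, "reason": "serial mismatch"}
    elif entry is None or entry["version"] != req["version"]:
        reply = {"run": False, "reason": "application or version not licensed"}
    else:
        reply = {"run": True, "features": entry["features"]}
    return seal(msg_key, reply)

# Constructed sample data: keys, serial numbers and feature names are made up.
FILE_KEY, MSG_KEY = b"file-key-constructed", b"msg-key-constructed"
LICENSE = seal(FILE_KEY, {"serial": "SN-0001", "applications": {
    "switch": {"version": "8.2", "features": ["call hold", "call transfer"]}}})

def ask(version, processor_serial, license_blob=LICENSE):
    """Controlled application side: send a request, decrypt the reply."""
    request = seal(MSG_KEY, {"application": "switch", "version": version})
    return unseal(MSG_KEY, license_server(request, license_blob, processor_serial,
                                          FILE_KEY, MSG_KEY))

if __name__ == "__main__":
    for version, serial in [("8.2", "SN-0001"), ("9.0", "SN-0001"), ("8.2", "SN-9999")]:
        print(version, serial, ask(version, serial))
```

Because the serial number lives inside the sealed license file, copying the file to another processor is denied, and editing the file to change the serial or add features fails the integrity check before any comparison runs.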
Other and further aspects of the present invention will become apparent in the course of the following description and by reference to the accompanying drawing.