To protect software manufacturers' copyrights in software sold to the public, manufacturers commonly license software to the purchaser. Additionally, in many applications the purchaser has elected to pay only for certain features of software which must be selectively enabled by the manufacturer. In particular, each release or version of a particular software package for a customer premise telecommunication switching system contains a large number of features, and most customers elect to pay for only a subset of the total number of features. Features in a telecommunications switching system refer to certain specialized operations such as call transfer, automatic route selection, etc. An ongoing problem in the art is to prevent newer versions of software from being pirated and used on unauthorized hardware and/or otherwise authorized customers from actuating features for which the customer has not paid.
A number of methods have been developed to protect against such unauthorized use of software.
In one method, passwords, that only allow authorized individuals to have access to the telecommunication switching system, are used to control enablement of features or new software versions. This method is inflexible and inconvenient for customers as an authorized technician must be scheduled to enable the features, can be circumvented by a person misappropriating or misusing the password, and does not provide for periodic license verification during system operation.
In another method, a key is required to enable the software program. This solution does not solve the copying problem because the key is normally printed on the packaging of the software, and anyone can install the software as many times as they wish, however illegal it may be.
In another method, a special piece of hardware or “dongle” is used. The dongle is a special piece of hardware that connects to the serial or parallel port of the computer. The software running on the computer sends a random number to the dongle. The dongle performs a secret computation and returns a result. The software makes a like computation; if the two computations match, the software continues to run. To work satisfactorily, the response must include feature and version information. The use of the dongle is cumbersome when it fails. In the event that the dongle fails, the system is down until a new dongle can be physically obtained on site. Also, once made the dongle is fixed. If it was used for feature activation, a new dongle is required for each additional feature that is purchased.
Yet another method is to freely distribute CD-ROM disks. When the CD-ROM is inserted into a computer, the computer automatically connects to a remote server via the Internet or a dial-up connection to receive a machine-specific key. The key unlocks the software so that it can be utilized on that computer. The remote server also obtains the necessary payment information from the computer user. This method does not function well for a telecommunication switching system since it does not provide for the authorization to use different features of the same software application nor is it dependent on the version of the software being requested. In addition, it does not provide the necessary authorization of personnel to make such a request.
In yet another method, upon installation or first execution the software records serial number information (e.g., Medium Access Control or MAC address) regarding predetermined hardware components of the computer system. The software permits the user a specified number of hardware serial number changes before it disables itself. This method, though effective, is unfair to users who, over time, legitimately exceed the number of permitted serial number changes through reuse of the software on a number of different systems and/or periodic replacement of some of the predetermined hardware components in a given system to upgrade or maintain the system.
Notwithstanding the foregoing security techniques, computer software vendors continue annually to experience billions in lost sales revenue due to unauthorized use of software.