Some existing systems provide access to data via an access control list (ACL) associated with each file or directory. Typically, access control rights for a particular directory are inherited by any descendent directories or files unless expressly overwritten by an access control list at the descendent directory or file. The request for access to data is processed based on the access control permissions corresponding to the target file or directory. However, such existing systems only provide access control at the granularity of a file or directory and fail to explicitly provide access control for functionality within executable software components.
Similarly, existing operating systems lack a simple model to control access to functionality in binary files when the binary files are present in the operating system. For example, if the functionality to perform a particular task exists in a library and the library is available to the operating system (e.g., on the local hard drive), the operating system will perform the task on request. With the advent of low cost, easily accessible broadband networking, computer users interested in pirating operating systems have easy access to the binary files needed to pirate the operating system. As such, separate versions of the operating system with differing functionality are created and distributed to limit the functionality available to the end user. For example, some systems provide multiple versions of a software product on an installation disk. During installation, the user enters a license key that installs the version associated with the entered license key. However, there is a need for a single version of a software product (e.g., a single set of binary files) that dynamically provides a subset of its functionality when executed to the user based on authorization (e.g., a license) associated with the user and with the software product. That is, existing operating systems fail to provide an authorization process for utilizing resources available within the operating system.
Accordingly, an authorization module that dynamically controls run-time access to functionality within a software product is desired to address one or more of these and other disadvantages.