The invention relates to a method and apparatus for restricting the use of computer software to a known group of users; and, more particularly, to a method and apparatus for controlling the distribution of software products in Intranet or Internet environments.
As Intranet and Internet environments proliferate, a company's software becomes more subject to access by unauthorized individuals. It is therefore important to secure the software against unauthorized access, while, at the same time, enabling both the tracking of software use and the prevention of its unauthorized use.
The newspapers are replete with reports, lately, of "hackers" being able to penetrate, and acquire information and programs from, so-called secure systems. This information and program data may be the life blood of a company, and its unauthorized access by individuals, some of whom may be employees of the company itself, can cause severe damage to the reputation of the company and its financial health and viability. Companies often use, therefore, single, double, and more complex password security systems to prevent access to their systems by unauthorized users, but in addition must also be concerned about an authorized user, not having permission to use a particular software, who will still have access to the system.
Further, it is not common for the software programs themselves to be stored in an encoded manner nor is it common, once the individual has "broken in" to the system, to prevent access to much if not all of the data available to a typical user. It is, therefore, important to protect to as high a degree as possible the software programs stored in systems which are accessible by more than one authorized user, and to enable tracking of the users accessing software using methodologies which are neither obvious nor easily detected.
The invention relates to a method of controlling the distribution of computer software products stored at a file server. The method features the steps of requesting the identity of a user and that user's secret key before enabling access by the user of requested program products. The requested program product is encoded, if the user identity and secret key match corresponding entries in a file server database, the program products being encoded using a second key which is known to the user (and which will be used by the user in decoding and executing the program). Also included in the encoded program is at least one embedded identification of the user.
In different aspects of the method of the invention, there are featured the steps of storing at the file server, and within a camouflaged program on a disk memory and/or a nonvolatile, non-disk memory, an identification of the user accessing the requested program for later use, if necessary, in tracking the users who accessed the program. The method further features embedding at least two identifications of the user in the encoded program, at least one of the identifications being difficult to find and at least one of the identifications being easy to find. Preferably, the identifications are used in constructing a check code, such as a CRC code, to ensure that "hacking" or other debug processes have not been employed to modify the identification of the user.
The encoded program can then be decoded by the user, using the second key which the user has available. The decoded program is executed, preferably on the fly, and is performed so that no copy of the executable program exists in non-volatile memory. If the correct second key is not provided, steps are taken to execute the improperly decoded program in a program destruct fashion wherein at least portions of the encoded program are rendered permanently unexecutable. In addition, the computer system attempting to execute the improperly decoded program can be disabled thereby requiring the system to be rebooted.
The method further features making the encoding dependent upon a third key which is derived from the address on, for example, hard disk at which the encoded program is stored. Thus, if the encoded program is moved from its original location, for example by copying onto floppy disk and then recopying into a new computer system, the program will not correctly decode and can effect destruction of at least portions of the program or the operating system of the computer.
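The following sketch is an added illustration, not code from the patent. It covers both the two embedded identifications protected by a CRC and the location-derived third key described above. The SHA-256 keystream, the blob layout and all function names are assumptions chosen for the example, and a failed check simply raises an error.

```python
import hashlib
import struct
import zlib

def _xor(data: bytes, key: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.
    stream = b""
    ctr = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + struct.pack(">Q", ctr)).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def derive_key(second_key: bytes, disk_address: int) -> bytes:
    # Third key comes from the storage address; it is mixed with the
    # user's second key so both are needed to decode.
    third_key = hashlib.sha256(struct.pack(">Q", disk_address)).digest()
    return hashlib.sha256(second_key + third_key).digest()

def encode_program(program: bytes, user_id: str, second_key: bytes,
                   disk_address: int) -> bytes:
    uid = user_id.encode()
    # Hypothetical layout: length | uid | program | uid | CRC-32.
    # The CRC covers both copies of the identification and the program.
    crc = zlib.crc32(uid + program + uid)
    plain = (struct.pack(">H", len(uid)) + uid + program + uid
             + struct.pack(">I", crc))
    return _xor(plain, derive_key(second_key, disk_address))

def decode_program(blob: bytes, second_key: bytes, disk_address: int):
    plain = _xor(blob, derive_key(second_key, disk_address))
    if len(plain) < 6:
        raise ValueError("blob too short")
    (n,) = struct.unpack(">H", plain[:2])
    if 2 + 2 * n + 4 > len(plain):
        raise ValueError("identification/CRC check failed")
    uid_a = plain[2:2 + n]
    body = plain[2 + n:len(plain) - 4 - n]
    uid_b = plain[len(plain) - 4 - n:len(plain) - 4]
    (crc,) = struct.unpack(">I", plain[-4:])
    # A wrong key, a moved blob or an edited identification all fail here.
    if uid_a != uid_b or zlib.crc32(uid_a + body + uid_b) != crc:
        raise ValueError("identification/CRC check failed")
    return body, uid_a.decode()

if __name__ == "__main__":
    blob = encode_program(b"print('hi')", "alice", b"second-key", 0x1000)
    print(decode_program(blob, b"second-key", 0x1000))
```

A CRC only catches modification by someone who cannot recompute it; anyone able to decode the blob can rebuild a matching CRC, so a keyed MAC is the stronger choice where tamper evidence matters.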
In another aspect, the method relates to controlling the distribution of computer software products stored at a file server and delivered, upon a user request, over a network (such as the Intranet, Internet, . . . ). The method features the steps of receiving a request from a user to deliver a computer program over the network; requesting the identity of the user and the user's secret key before enabling access to the requested computer program; verifying the identity of the user; using the user's secret key, encoding the requested program, including embedding in the encoded program at least one identification of the user, and using at least an encoding key known to the user; and delivering the encoded program over the network to the user.
The apparatus of the invention relates to controlling the distribution of computer software products stored at a file server and features circuitry for requesting the identity of a user and the user's secret key to enable access to a requested program, circuitry for encoding the requested program if the user identity and the supplied secret code correspond to entries stored in a file server, the encoding being effected using a second key known to the user, and circuitry for embedding in the encoding program an identification of the user.
In other embodiments of the invention, the apparatus provides for controlling the unauthorized removal of software from a non-volatile storage medium and features circuitry for storing an encoded version of the requested software in the user's medium at an address used for deriving an encoding key. The encoding key is used to encode and decode the software. The invention further features circuitry for decoding the encoded software using a decoding key based upon the location of the encoded software at the user's storage medium.
In a preferred embodiment of the apparatus, circuitry is provided for storing at least two user identifications in the encoded program, and for using those identifications in an error check, for example a CRC check. In yet another embodiment of the apparatus, the server stores, in a non-volatile memory, an identification of the last user or users accessing a particular program.