A computer consists of a central processor unit, I/O control, peripheral devices and memory. The memory contains instructions and data that are combined and grouped to form at least one program. One class of programs, known as applications or utility programs, solve a problem or perform some other utilitarian function. The other class of programs, called control or executive programs, perform a variety of housekeeping and control functions that are essential to the operation of a computer. In each type, instructions and data are generally encoded into different portions of the same memory.
Data stored in the memory are accessed by the processor in the following manner. The processor is first controlled to read an instruction stored in the memory in an instruction fetch, sometimes termed OP-FETCH, machine cycle. The instruction is then used by the processor to read data stored elsewhere in the memory during a subsequent READ MEMORY machine cycle. The memory is selected for operation by a memory decoder on the address bus of the processor.
The contents of the memory may in some cases be proprietary. Particular types of data that may be proprietary include account information in electronic funds transfer systems, government classified information and personal data. Software stored in memory is commonly proprietary so that it can be classified as a trade secret. A memory containing such data or software is termed herein "protected memory". The memory may be of a read only type (ROM), a programmable type (PROM), random access type (RAM) or other type. Software stored in ROM or PROM is commonly termed firmware rather than software. The term software is used herein, however, to designate firmware as well as software for convenience.
In the past, several different approaches for protecting software have been taken. In addition to legal forms of protection which is beyond the scope of this discussion, a number of hardware based protection systems have been developed. One form involves assigning a secret number, or key, to the software, making the number available to only the authorized user and requiring the user to keyboard enter the secret number to enable access to data stored in the memory. The secret number is thereafter scrambled and compared with a corresponding number stored within the memory; access to the memory is permitted only if there is a positive match. This type of system tends to be hardware intensive and is possible to overcome by obtaining the secret number or breaking the scrambling algorithm.
Other types of software protection systems are software based. In one system, programming produces a sequence of executable codes in a normal manner but prohibits the user from randomly accessing the memory addresses. A secret executive routine contains a table of the legal next steps for every given step in the program. Only those steps listed in the table can be accessed by the user. If a program contains a branch to one of two places, only those two places can be examined by the programmer at that time. If the program contains enough branches it will be virtually impossible for the user to run through every permutation of the program to obtain a complete listing of the code.
Another system involves monoalphabetic substitution, wherein each byte of a program is replaced by a substitute byte. Each byte of the enciphered program is deciphered when needed by simple table look-up using a substitution table.
Some systems involve particular formatting of data on a storage disc; the format is altered by changing data locations. Other systems use memory bounds, wherein registers store the upper and lower bounds for data to be read, written or instructions to be fetched. Each memory request is address compared with the stored address bounds to determine whether access is permitted.
All of the software protection systems of which I am aware are deficient in one form or another, either by requiring excessive hardware or software or by limiting use by authorized user, e.g., making it impossible to make back-up copies or requiring substantial additional software or storage. The software further is not completely secure against unauthorized access or is not microcomputer compatible.