The term “use-information” refers herein to information about measured use of a program on a computer, e.g. the remaining time for using the program, the number of times the program has been executed, and so forth. Typically, the use-information of a program is stored in a file, the registry of the user's computer, a hardware dongle, network server, etc.
The use of a program is measured by tracing an “exhausting resource” associated with the use. For example, in a Try/Buy model a program can be restricted to a trial period (the resource is the time), or to a predefined number of times the program is allowed to be executed (the resource is a counter), the accumulated run-time of the program, etc.
In case where the use-information of a program is stored in a storage facility, such as a file, registry, database, etc., the hacker can keep a copy of stored information, and occasionally replace the existing one by this copy, thereby enabling the program to work beyond its predetermined restrictions. In order to overcome these problems, it is common to keep the use-information in a plurality of files/registry entries instead of a single one. However this is not effective since nowadays there are a variety of programming tools for monitoring the I/O (input/output), network and registry activity of a program, by which a hacker can detect these locations.
Using an external resource to the computer is a proper solution to overcome the problems described above. For example, the manufacturer of a program can use a Web server for storing the use-information of a program, but in this case each time the program is activated it should be connected to the Web for granting the permission to continue to operate, which of course, is not always practical.
Another well known solution is an external device to the computer, which provides a secure storage means for the use-information and also an external solution to the exhausting resource (e.g. a real-time clock, a counter, etc.). Such a solution can be implemented by a smartcard chip, a security dongle, and so forth. However, this solution is not convenient for both the vendor of the program and the user. Moreover, implementing the solution involves additional costs, which may be a meaningful factor to the profitability of a program in the case where the price of the program is low.
It is therefore an object of the present invention to provide a method for indicating the integrity of the use-information of a computer program.
It is a further object of the present invention to provide a method for indicating the integrity of the use-information of a computer program, in which no external facility to the computer is required.
Other objects and advantages of the invention will become apparent as the description proceeds.