1. Field of the Invention
This invention relates generally to computer software and the security of computer software programs. More particularly, this invention relates to a system and method for protecting computer software from unauthorized use and/or copying.
2. Description of the Related Art
Most computer software programs are distributed as machine-readable information recorded on some form of storage medium (e.g., floppy disk, CD-ROM). These programs are run simply by loading the storage medium into a suitable, computer memory device for subsequent use.
In the absence of any copy protection, anyone who has physical possession of the distribution storage medium can make several copies of that computer software and each copy may be used on a separate computer system. Although making back-up copies of software is normally desirable, allowing numerous unauthorized copies is very undesirable. Unfortunately, such unauthorized copying is widespread and deprives the software suppliers legitimate sales and therefore revenue.
Prior art methods have been developed to try to protect computer software. However, these all have various failings as evidenced by the extensive amount of unauthorized copying which is known to exist today. The Software Publishing Association, an industry group of more than 900 firms, estimated that in 1993 the industry lost more than $2.5 billion to this problem.
One such software protection method is "copy protection" where a non-standard disk format is used for recording a software program onto the distribution medium. A short, machine language program, in standard format, is included as an auxiliary program on the disk. This machine language program tells the computer how to read the non-standard format in which the program is recorded. Since standard copying programs can only read or write data in standard format, copying of this program is considerably more difficult, but not impossible.
The use of such "copy protected" software led to the development and sale of numerous "bit copier" utility programs, which, unlike standard copy utilities, can produce executable duplicates of such programs. Thus, this form of media copy protection discourages, but did not prevent unauthorized software copying.
Another method or approach to software protection is to use an electronic security device, sometimes called a dongle, which attaches to one of the computer's external/internal ports. Programs which are to be protected in this way must make procedure calls which interrogate the port to make sure the dongle is in place, and that the dongle has a unique identifier which matches the unique identifier embedded in a location within the program. If the dongle is not there, or if one is attached which has a non-matching identifier, the program terminates. Various manufacturers of such devices continue to sell them to software vendors, but most software is still sold without these devices, either because of cost criteria or the lack ox acceptance by software purchasers.
Still another approach to software protection requires the user to utilize a secret code or password which must be obtained from the software supplier and entered when using the software. However, this approach still does not preclude unauthorized copying since the code or password can be obtained by one person and can be given to many other users.
Other such methods requiring interaction between the software user and the software vendor have been developed. For example, U.S. Pat. No. 4,658,093 discloses a secure distribution system for software comprising: a base unit on which the software is to be installed, a remote authorization unit and communications means between them, wherein the base unit comprises means for: (i) inhibiting use of the software without authorization from the remote unit, (ii) requesting authorization, (iii) receiving and verifying authorization, and (iv) permitting authorized use, and wherein the remote unit comprises means for processing and providing authorization. The medium containing the software itself is seen to be relatively passive in this protection scheme.
U.S. Pat. No. 4,688,169 discloses a security system for restricting execution of software to a particular machine comprising unique identification numbers for individual computers, software with the capability to determine and store the identification numbers of the computers on which it is running, plus, when an attempt is made to run the software on a different computer, to compare the identification numbers and prevent further execution if the numbers do not match.
U.S. Pat. No. 5,199,066 discloses method and system for protecting software from unauthorized copying. The method comprises the steps of: (1) inputting both a hardware code corresponding to the hardware on which the software is to run and a first software code for the particular embodiment of the software, (2) operating on these codes to yield a first intermediate code, (3) inputting an activation code obtained from the software vendor, (4) operating upon the first intermediate code and the activation code to yield a second intermediate code, (5) comparing the second intermediate code with a second software code uniquely associated with the particular embodiment of the software being employed and stored at a hidden location within the software, the second software code not being ascertainable by the user, and (6) enabling the software if the second intermediate code and the second software code are identical.
Other forms of software protection have been developed and employed with limited success, In some cases, the other forms of protection are too expensive to employ with some software. In other cases, these other forms of protection are not technically suitable for some software.
Despite this prior art, the need exists for an invention that can provide for distributing software to users and allowing the users to conveniently install and use the software while, at the same time, protecting the interests of the software suppliers by preventing the unauthorized use of the software.