News Column

Patent Issued for Handling of the Usage of Software in a Disconnected Computing Environment

June 19, 2014



By a News Reporter-Staff News Editor at Computer Weekly News -- From Alexandria, Virginia, VerticalNews journalists report that a patent by the inventors Clement, Jean-Yves (Saint Jeannet, FR); De Lampugnani, Olivier Y. D. (Cagnes sur mer, FR); Graffagnino, Gerard (Nice, FR); Lafois, Benjamin (Valbonne, FR), filed on November 8, 2010, was published online on June 3, 2014.

The patent's assignee for patent number 8745375 is International Business Machines Corporation (Armonk, NY).

News editors obtained the following quote from the background information supplied by the inventors: "Existing methods and systems to protect software against unauthorized use leverage approaches such as (A) check a key validity online, by Internet or a network connection or (B) write some hidden flags on a machine (registry, file system, etc) to save the first use, and limit to a predetermined number of days the usage (sharewares).

"These existing methods are not necessarily usable on particular systems. Some computing environments indeed cannot be modified and are 'read-only'. Other computing environments are disconnected computing environments, i.e. with no network access (by nature or due to availability or security reasons). For example, read-only file systems on embedded appliance or live-CD systems cannot be modified. Or when the system powers off, any kind of modification is canceled or undone at the next start-up. This makes existing mechanisms inefficient. In some particular business computing environments (sensitive systems for instance), there is a need to run some software which must not modify anything in the running computing environment and/or which cannot rely on network connections."

As a supplement to the background information on this patent, VerticalNews correspondents also obtained the inventors' summary information for this patent: "There are provided exemplary embodiments including a method of handling usage of a software in a disconnected computing environment, a computer program product and a system.

"It is disclosed a method and system of handling usage of a software in a disconnected computing environment, the method including: generating by a computer processor a digital certificate including time frame constraints; signing by a computer processor the digital certificate by a certificate authority; associating by a computer processor the signed digital certificate to the software; and executing by a computer processor the software when the signed digital certificate is signed by the certificate authority and when the time frame constraints are satisfied in the disconnected computing environment. In other words, the digital certificate is validated and at the same time other conditions are verified. It is for example verified that the certificate authority is the right one among a plurality, if any. A standard comparison between objects is performed (here between public keys; to provide an image, the public key which has been 'stamped' in the software is compared with the 'official' public key of the certificate authority). Some embodiments of the invention thus relate to the combination of a date and a digital certificate; variations and improvements of this process are described herewith.

"The invention includes protecting a software, or an application or a functionality thereof, against unauthorized uses within predefined time frames. In other words, it enables control of the usage of the software. More generally, it is a method, computer program product and system of handling usage of software.

"An advantage of the invention is to handle disconnected computing environments and/or read-only computing environments.

"An advantage is indeed to provide control over the software, control which is rendered possible in computing environments which are not modifiable (this corresponds to 'read-only' environments) or in which modifications are not persistent (as in stateless environments).

"More precisely, a 'read-only' computing environment designates a computing system which is not modifiable or in which brought modifications are not persistent (from one session to another for example). Such 'read-only' systems relate to Live-CD, virtual machines or sandbox systems for example. The term 'read-only' also addresses the case of a production system which cannot be modified or which must remain in the same state before and after the execution of the considered software, for example, for production constraints or reasons; in this latter case, it may be possible to read/write in the filesystem but no persistent modifications and/or logs and/or traces are allowed. In this sense, the properties of the computing environment on which the software executes are much broader than 'read-only' properties; said properties relate to 'non-persistent' or 'stateless' or 'temporary' properties. Yet in a preferred embodiment, the computing environment is 'read-only'.

"Many combinations are possible: a read-only environment may be connected (with network connectivity) or disconnected, while a read/write environment may be connected or disconnected too. The invention addresses these different possibilities.

"An advantage of the invention is to enable a control of the usage of an application in a specified time frame. A guarantee is granted to the editor that its software will not be used before the predefined beginning date, or after its expiration date.

"An advantage of the invention is to enable the identification of the source of a data leak, if any. If there is a data leak, the source of the data leak may be easy to identify: the user identifier may indeed be hard-coded in the software or in the digital certificate and following associated with the leaked data.

"An advantage of the invention further stems from an implementation option. The term 'hard-coded' signifies that information is inserted in instructions of the program or software, for example, in lines of code. Said information corresponds to the information related to the digital certificate or to any other information, such as the user information for example. This hard-coding option may also be complemented by obfuscation techniques such as hardening of the software code to impede or render difficult the reverse engineering, if any.

"The association between the digital certificate and the considered software can be dynamic or static. The association term may designate the step of establishing a link, of adding cross-references or of defining a correspondence. Embodiments wherein the digital certificate is a file enable possible modifications and handling operations, brought independently to the software or to the digital certificate; whereas embodiments wherein the digital certificate is hard-coded in the software present other advantages such as a better portability or management or even security in certain cases.

"A further advantage of the invention is that it then prevents illegal or unacceptable or unauthorized usage of the software.

"A further advantage of the invention is that it offers a possibility of data encryption. Data may be deciphered only by the software distributor or issuer or publisher or provider or deliverer. It may for example be very useful in cases wherein software collects sensitive data on a given computing environment, and this collected data require further processing by the software deliverer. In such a case, if data is lost (portable media or Internet), these data will not be usable by any other party.

"Further advantages of the invention will become clear to the skilled person upon examination of the drawings and detailed description. It is intended that any additional advantages be incorporated therein."
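The check the summary describes (the certificate authority's public key compared with the one stamped in the software, the signature verified, the time frame tested, all offline and without writing any state) can be sketched as follows. This is an added example, not code from the patent or from IBM; the toy RSA key built from two Mersenne primes, the JSON certificate layout and the names `ca_sign`, `may_execute` and `PINNED_CA_KEY` are assumptions made for illustration.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed toy CA key: textbook RSA over two Mersenne primes, no padding.
# Illustration only; a real product would use X.509 and a vetted crypto library.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
CA_N = P * Q
_CA_D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held by the CA only

PINNED_CA_KEY = (CA_N, E)  # the public key "stamped" in the software


def _digest(cert):
    """Hash the certificate fields in a canonical (sorted-key) encoding."""
    body = json.dumps(cert, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(body).digest(), "big")


def ca_sign(cert):
    """Issuer side: sign the certificate fields with the CA private key."""
    return {"cert": cert, "ca_key": [CA_N, E],
            "sig": pow(_digest(cert), _CA_D, CA_N)}


def may_execute(signed, now):
    """Software side: no network access, nothing written to the environment."""
    # 1. Is the signer the expected CA? Plain comparison of public keys.
    if tuple(signed["ca_key"]) != PINNED_CA_KEY:
        return False, "unexpected certificate authority"
    # 2. Does the signature match the certificate fields?
    n, e = PINNED_CA_KEY
    if pow(signed["sig"], e, n) != _digest(signed["cert"]):
        return False, "bad signature"
    # 3. Are the time frame constraints satisfied?
    start = datetime.fromisoformat(signed["cert"]["not_before"])
    end = datetime.fromisoformat(signed["cert"]["not_after"])
    if not (start <= now <= end):
        return False, "outside time frame"
    return True, "ok"


# Constructed sample certificate: user identifier plus validity window.
SAMPLE = ca_sign({"user": "user-0001",
                  "not_before": "2014-06-01T00:00:00+00:00",
                  "not_after": "2014-06-30T23:59:59+00:00"})

if __name__ == "__main__":
    print(may_execute(SAMPLE, datetime(2014, 6, 19, tzinfo=timezone.utc)))
```
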

For additional information on this patent, see: Clement, Jean-Yves; De Lampugnani, Olivier Y. D.; Graffagnino, Gerard; Lafois, Benjamin. Handling of the Usage of Software in a Disconnected Computing Environment. U.S. Patent Number 8745375, filed November 8, 2010, and published online on June 3, 2014. Patent URL: http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.htm&r=1&f=G&l=50&s1=8745375.PN.&OS=PN/8745375RS=PN/8745375

Keywords for this news article include: Software, International Business Machines Corporation.

Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC





Source: Computer Weekly News

