U.S. patent application number 10/862285 was filed with the patent office on 2004-11-04 for system and method for monitoring software.
This patent application is currently assigned to Z4 Technologies, Inc.. Invention is credited to Colvin, David S..
Application Number | 20040221170 10/862285 |
Document ID | / |
Family ID | 27376617 |
Filed Date | 2004-11-04 |
United States Patent
Application |
20040221170 |
Kind Code |
A1 |
Colvin, David S. |
November 4, 2004 |
System and method for monitoring software
Abstract
Systems and methods for monitoring, testing, distribution, and
use of computer software with associated methods and systems for
repeatedly contacting a software user and exchanging information,
such as passwords, authorization information, marketing,
advertising, or promotional information include associating a list
of passwords with each copy or group of copies of computer software
which must be entered at predetermined intervals to provide
continued use of the software. Software monitoring and network
license metering may be providing by storing information relative
to software operation on a local computer or server and
transferring the information to a remote computer or server at
predetermined intervals.
Inventors: |
Colvin, David S.; (Commerce
Township, MI) |
Correspondence
Address: |
BROOKS KUSHMAN P.C.
1000 TOWN CENTER
TWENTY-SECOND FLOOR
SOUTHFIELD
MI
48075
US
|
Assignee: |
Z4 Technologies, Inc.
Commerce Township
MI
|
Family ID: |
27376617 |
Appl. No.: |
10/862285 |
Filed: |
June 7, 2004 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
10862285 |
Jun 7, 2004 |
|
|
|
09818819 |
Mar 27, 2001 |
|
|
|
10862285 |
Jun 7, 2004 |
|
|
|
09535321 |
Mar 27, 2000 |
|
|
|
6460142 |
|
|
|
|
09535321 |
Mar 27, 2000 |
|
|
|
09090620 |
Jun 4, 1998 |
|
|
|
6044471 |
|
|
|
|
60192284 |
Mar 27, 2000 |
|
|
|
Current U.S.
Class: |
713/193 |
Current CPC
Class: |
G06F 21/121
20130101 |
Class at
Publication: |
713/193 |
International
Class: |
H04L 009/32 |
Claims
What is claimed is:
1. A method for generating a plurality of authorization codes for
use in monitoring software to reduce unauthorized copying or use of
the software, the method comprising: repeatedly requiring entry of
an authorization code for continued use of the software beyond an
associate authorization interval.
2. The method of claim 1 further comprising associating an
activation key with the software, the activation key being entered
by a user during registration of the software.
3. The method of claim 2 wherein the same activation key is
associated with a predetermined number of copies of the
software.
4. The method of claim 2 wherein the activation key is embedded
within the software.
5. The method of claim 2 wherein the activation key comprises a
plurality of alphanumeric characters.
6. The method of claim 1 further comprising: encrypting the
authorization code prior to supplying the authorization code to an
authorized user of the software.
7. The method of claim 1 further comprising: requiring a user of
the software to contact an authorized software representative
during installation of the software; obtaining registration
information from the user; obtaining an activation key from the
user to enable use of the software during a first authorization
interval; determining whether the user is an authorized user based
on the registration information and the activation key; and
supplying the authorization code from a plurality of authorization
codes corresponding to the activation key based on the
determination of whether the user is an authorized user.
8. The method of claim 7 further comprising encrypting the
authorization code prior to supplying the authorization code.
9. The method of claim 7 wherein the step of supplying comprises:
determining a password code based on the activation key; accessing
a look-up table indexed by the password code to identify an
algorithm for generating a plurality of passwords associated with a
particular copy of the software; and selecting one of the plurality
of passwords to supply to the user.
10. The method of claim 9 wherein the step of selecting one of the
plurality of passwords comprises: selecting one of the plurality of
passwords based on a previously supplied password.
11. The method of claim 7 wherein the plurality of authorization
codes is generated prior to distribution of the authorization
codes.
12. The method of claim 7 wherein the step of supplying comprises:
supplying a master authorization code which disables the software
if the user is an unauthorized user.
13. The method of claim 7 wherein the step of supplying comprises:
supplying a master authorization code which allows for indefinite
use of the software.
14. The method of claim 7 wherein the step of supplying comprises:
supplying a master authorization coded which allows operation of
the software for a predetermined period of time, wherein the master
authorization code is not associated with any particular copy of
the software.
15. The method of claim 7 further comprising: transferring
advertising, marketing, or promotional information to the user
while supplying the authorization code.
16. The method of claim 7 wherein the step of determining
comprises: comparing the registration information with previously
obtained registration information associated with the activation
key; and determining that the user is an authorized user if no
previously obtained registration information exists or if the
previously obtained registration information substantially matches
the registration information supplied by the user.
17. A method for monitoring software to reduce unauthorized use,
the method comprising: associating an authorization code with a
copy of the software, the authorization code including a password
code associated with a plurality of passwords which must be
repeatedly entered at selected intervals for continued use of the
software, the authorization code being distributed with the copy of
the software and the plurality of passwords being maintained by an
authorized software representative; obtaining the authorization
code from a user or a user computer; parsing the authorization code
to determine the associated password code; selecting one of the
plurality of passwords associated with the password code; and
providing the selected password to the user or the user computer to
allow operation of the software for the selected interval.
18. The method of claim 17 further comprising encrypting the
selected password before providing the password to the user or the
user computer.
19. The method of claim 17 further comprising: associating a
customer code with a developer of the software; generating a serial
number for each copy of the software; and combining the customer
code, the serial number, and the password code to form the
authorization code.
20. The method of claim 19 wherein the step of generating a serial
number comprises generating a unique serial number for each copy of
the software.
21. The method of claim 19 wherein the step of generating a serial
number comprises generating an identical serial number for a
predetermined number of copies of the software.
22. The method of claim 19 wherein the serial number comprises a
plurality of alphanumeric characters.
23. The method of claim 17 wherein the step of obtaining comprises
automatically obtaining the authorization code at predetermined
intervals when the user computer is connected to the internet.
24. The method of claim 17 further comprising transferring
advertising, marketing, or promotional information while obtaining
the authorization code.
25. The method of claim 17 further comprising: transferring
advertising, marketing, or promotional information to the user, the
user computer, or the software while supplying the password.
26. The method of claim 17 wherein the step of selecting one of the
plurality of passwords comprises: selecting one of the plurality of
passwords based on a previously selected password.
27. The method of claim 17 wherein the plurality of passwords is
generated prior to distribution of the authorization code.
28. The method of claim 17 wherein the step of providing comprises:
providing a master password which disables the software if the user
is an unauthorized user.
29. The method of claim 17 wherein the step of providing comprises:
providing a master password which allows for indefinite use of the
software.
30. The method of claim 17 wherein the step of providing comprises:
providing a master password which allows operation of the software
for a predetermined period of time, wherein the master password is
not associated with any particular copy of the software.
31. The method of claim 17 wherein the step of providing comprises:
providing the password to a user for manual entry into the
software.
32. The method of claim 17 wherein the step of providing comprises:
providing the password to a user for manual entry into the software
to authorize use of the software for a predetermined interval.
33. The method of claim 17 wherein the step of providing comprises:
encoding the password prior to providing the password to the user
or the user computer.
34. The method of claim 17 further comprising: prompting the user
to obtain a new password prior to expiration of the selected
interval; automatically contacting an authorized software
representative to obtain a subsequent password from the plurality
of passwords associated with the password code of the authorization
code to authorize continued use of the software for a subsequent
interval.
35. The method of claim 17 further comprising: automatically
contacting an authorized software representative to obtain a
subsequent password from the plurality of passwords associated with
the password code of the authorization code prior to expiration of
a current interval to authorize use of the software for a
subsequent interval without alerting the user.
36. The method of claim 35 wherein the step of automatically
contacting comprises establishing a connection over the internet
using a browser application.
37. A method for monitoring software installed on a plurality of
computers in communication with one another or a central computer
to form a computer network, the method comprising: associating an
activation code with the software for authorizing a predetermined
number of copies of the software to be installed on computers
associated with the computer network, the activation code having a
corresponding plurality of passwords; collecting registration
information from each computer associated with the computer network
during installation of the software; providing a first password
from the plurality of passwords to the computers associated with
the computer network for the predetermined number of copies of the
software to authorize operation of the software for a first
interval; and requiring entry of another one of the plurality of
passwords for each copy of the software to continue operating
beyond the first interval.
38. The method of claim 37 further comprising: prompting each
computer user prior to expiration of the first interval to contact
an authorized software representative to obtain a subsequent
password for continued operation of the software.
39. The method of claim 37 wherein the software automatically
contacts an authorized software representative to obtain a
subsequent password from the plurality of passwords associated with
the activation code.
40. The method of claim 37 further comprising: monitoring use of
each computer to determine when the computer is idle; and
automatically obtaining a subsequent password from the plurality of
passwords for continued operation of the software when the computer
is idle.
41. The method of claim 37 wherein each password includes
information to uniquely identify a particular computer associated
with the computer network.
42. The method of claim 37 further comprising encrypting the
passwords prior to providing the passwords to the computers
associated with the computer network.
43. The method of claim 37 wherein the plurality of passwords are
related such that subsequent passwords are determined based on one
or more previous passwords.
44. The method of claim 37 further comprising: prompting a computer
user to obtain another password for continued operation of the
software prior to expiration of a current authorization interval;
contacting an authorized software representative to obtain another
password for continued operation of the software; collecting
registration information; comparing the registration information to
previously collected registration information associated with the
activation code; and providing a subsequent password only if the
registration information substantially matches the previously
collected registration information for the activation code.
45. A method for monitoring computer software, the method
comprising: storing information relative to use of the computer
software; and automatically transmitting the stored information to
an authorized software representative at predetermined
intervals.
46. The method of claim 45 wherein the step of storing comprises:
monitoring execution of the computer software to detect errors; and
logging errors to a locally stored file.
47. The method of claim 45 wherein the step of storing comprises:
storing date and time of use each time the computer software is
executed.
48. The method of claim 45 wherein the step of storing comprises:
monitoring execution of the computer software to detect when a user
requests help from a help menu associated with the computer
software; and storing a current program context for the software
program each time the user requests help.
49. The method of claim 45 wherein the step of storing comprises:
storing information relative to all application programs running on
a computer when an error occurs while executing the computer
software.
50. The method of claim 45 wherein the computer software is
accessible by a plurality of computers connected to a local server
to form a local area network and wherein the step of storing
comprises storing information on the local server relative to the
number of computers executing the computer software.
51. The method of claim 50 wherein the computer software is
accessible by a plurality of computers connected to a local server
to form a local area network and wherein the step of automatically
transmitting comprises transmitting the information stored on the
local server to a remote server associated with the authorized
software representative and connected via the internet.
52. The method of claim 45 further comprising: associating an
authorization code with at least one copy of the computer software,
the authorization code including a password code associated with a
plurality of passwords with each password authorizing operation of
the computer software for one of the predetermined intervals;
requesting registration information from at least one user upon
expiration of each of the predetermined intervals; automatically
providing a password from the plurality of passwords for each of
the predetermined intervals for which the registration information
indicates that the user is an authorized user.
53. The method of claim 52 further comprising: automatically
providing advertising, marketing, or promotional information to the
at least one user while obtaining the requested registration
information.
54. A method for monitoring computer software used by a plurality
of computers connected to a local server to form a local area
network to reduce unauthorized use of the computer software, the
method comprising: monitoring a number of computers using the
computer software; storing information associated with the
computers using the computer software on the local server;
repeatedly transferring the stored information to a remote
server.
55. The method of claim 54 wherein the stored information includes
dates and times of use of the computer software.
56. The method of claim 54 wherein the step of repeatedly
transferring the stored information comprises automatically
transferring the stored information at predetermined intervals.
57. The method of claim 56 wherein the predetermined intervals are
based on elapsed execution time of a particular copy of the
computer software.
58. The method of claim 56 wherein the predetermined intervals are
based on aggregate execution time of all copies of the computer
software.
59. The method of claim 56 wherein the predetermined intervals are
based on a date associated with the local server.
60. The method of claim 56 wherein the predetermined intervals are
based on a date associated with the remote server.
61. The method of claim 56 wherein the predetermined intervals are
regular intervals.
62. The method of claim 54 wherein the stored information includes
registration information associated with the plurality of
computers.
63. The method of claim 54 wherein the stored information includes
information to uniquely identify each of the plurality of computers
using the computer software.
64. The method of claim 54 further comprising: repeatedly
transferring registration information associated with the local
server to the remote server at predetermined intervals to authorize
continued use of the software provided the registration information
indicates the local server corresponds to an authorized user.
65. A method for monitoring computer software used by a plurality
of computers connected to a local server to form a local area
network to reduce unauthorized use of the computer software, the
method comprising: associating an authorization code with a
plurality of copies of the software, the authorization code
including a password code associated with a plurality of passwords
which must be repeatedly entered at selected intervals for
continued use of the software, the authorization code being
distributed with the copies of the software and the plurality of
passwords being maintained by an authorized software representative
on a remote server; obtaining the authorization code from the local
server or a user computer; parsing the authorization code to
determine the associated password code; selecting one of the
plurality of passwords associated with the password code; providing
the selected password to the local server or the user computer to
allow operation of the software for the selected interval;
monitoring a number of computers using the computer software;
storing information associated with the computers using the
computer software on the local server; and repeatedly transferring
the stored information to the remote server upon expiration of each
selected interval.
66. The method of claim 65 further comprising encrypting the
information prior to storing the information on the local
server.
67. The method of claim 65 wherein the selected intervals
correspond to aggregate execution time of the computer
software.
68. The method of claim 65 wherein the selected intervals are based
on a date generated by the local server.
69. The method of claim 65 wherein the selected intervals are based
on a date generated by the remote server.
70. The method of claim 65 wherein the stored information uniquely
identifies each of the computers using the computer software.
71. The method of claim 65 wherein the stored information includes
a local date and time corresponding to use of the computer software
by each of the computers of the local area network.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is a continuation of co-pending U.S.
application Ser. No. 09/818,819, filed Mar. 27, 2001, now U.S. Pat.
No. ______; which claims priority to U.S. provisional application
Serial No. 60/192,284, filed Mar. 27, 2000 and which is a
continuation-in-part of U.S. application Ser. No. 09/535,321, filed
Mar. 27, 2000, now U.S. Pat. No. 6,460,142; which is a continuation
of U.S. application Ser. No. 09/909,620, filed Jun. 4, 1998, now
U.S. Pat. No. 6,044,471; the disclosures of which are hereby
incorporated by reference in their entirety.
BACKGROUND OF THE INVENTION
[0002] 1. Field of the Invention
[0003] The present invention relates to systems and methods for
monitoring, testing, distribution, and use of computer software
with associated methods and systems for repeatedly contacting a
software user and exchanging information, such as passwords,
authorization information, marketing, advertising, or promotional
information, quality assurance information, and network monitoring
and metering.
[0004] 2. Background Art
[0005] Software developers are often victims of illicit copying and
unauthorized use of their software in violation of contractual
obligations imposed by licensing agreements and subject to civil
and criminal penalties under various domestic and foreign laws.
Unauthorized entities range from a relatively small percentage of
the total users to an overwhelming majority of illegal users.
Likewise, unauthorized use may range from an "extra" copy on a
laptop computer or for an office mate to "try" the software, to
understating the number of users for a "site" license or networked
version of the software, to wholesale copying and black market
selling or distribution of pirated software. Such unauthorized use
not only amounts to theft of the developers' intellectual property,
but also reduces the number of programs sold and therefore the
associated profitability of the developer. This may ultimately
diminish the creative effort expended by the software developers
due to the reduced financial incentive. The advent of the Internet
has contributed to the proliferation of pirated software, known as
"warez", which is easily located and readily downloaded.
[0006] Various strategies have been employed to make unauthorized
duplication and use of software more difficult. One such approach
is to provide a hardware "key" which is typically installed in the
parallel port of the computer to provide a software interlock. If
the key is not in place, the software will not execute. This method
is relatively expensive for the developer and cumbersome for the
authorized user while remaining vulnerable to theft by duplication
of the hardware key.
[0007] Another approach requires the user to enter a serial number
or customer identification number during installation of the
software. Missing or invalid registration information prevents
installation of the software. This approach is easily defeated by
transferring the serial number or customer identification number to
one or more unauthorized users.
[0008] Yet another approach requires registering the software with
the manufacturer or distributor to obtain an operational code or
password necessary for installation of the software. Again, once
the operational code or password is obtained, it may be perpetually
transferred along with pirated copies to numerous unauthorized
users.
[0009] Various copy protection strategies have been employed to
reduce the number of unauthorized copies available. This approach
is generally disfavored by users who may have a legitimate need to
make backup or archival copies or transfer a copy to a new computer
or hard drive.
[0010] In addition to revenue lost due to unauthorized copying of
software, developers expend significant resources to research and
develop new software features which will be embraced by users. The
increasing complexity of software combined with the wide variety of
hardware platforms makes it virtually impossible for a developer to
test every combination of features for compatibility and proper
operation, particularly while subject to market pressures to
release new versions of the software on a regular basis.
Compatibility issues may arise when a particular application is
used with one or more other applications which may be specific to a
particular field or discipline. Minor errors or compatibility
issues often are not reported by users but contribute to overall
dissatisfaction with the product and may result in reduced sales
for future versions. Product research relative to the strengths and
weaknesses of the software and the desirability of new features is
often costly and time consuming which contributes to the market
sensitive release of new versions of the software.
[0011] While prior art strategies have enjoyed various levels of
success in reducing unauthorized use of software, they often impose
a significant burden on the authorized users or are easily defeated
by unauthorized users. As such, software developers need an
apparatus and/or method for reducing unauthorized use of software
which does not burden the authorized users to dissuade them from
purchasing and using the protected software.
SUMMARY OF THE INVENTION
[0012] As such, it is an object of the present invention to provide
systems and methods for monitoring, testing, distribution, and use
of computer software.
[0013] Another object of the present invention is to provide
systems and methods for repeatedly contacting a software user and
exchanging information, such as passwords, authorization
information, marketing, advertising, or promotional
information.
[0014] A further object of the present invention is to provide
systems and methods for monitoring software use to reduce
unauthorized software use through repeated contact with users.
[0015] Another object of the present invention is to provide
systems and methods for monitoring, metering or auditing networked
computers having access to particular computer software for
compliance with software licensing terms.
[0016] Yet another object of the present invention is to provide
systems and methods for improving software quality assurance.
[0017] A further object of the present invention is to provide
systems and methods for collecting operational data relative to
various software features which may include program use, errors,
help requests, and the like.
[0018] In carrying out the above objects and other objects,
features, and advantages of the invention, a system and method for
generating a plurality of authorization codes for use in monitoring
software to reduce unauthorized copying or use of the software
include repeatedly requiring a user or user computer to obtain an
authorization code upon expiration of an authorization interval for
continued operation of the computer software. In one embodiment,
the system and method include assigning a unique customer code to a
software developer, publisher, or distributor, generating a serial
number for each copy of the computer software, generating a
password code identifying a plurality of passwords or a password
algorithm for each copy of the software, and combining the customer
code, the serial number, and the password code to form an
authorization code for each copy of the software. In one
embodiment, the system and method require a user of the software to
contact an authorized software representative during installation
of the software, collect registration information from the user or
the user computer including an activation key or code, and
determine whether the user is an authorized user based on some or
all of the registration information and the activation key or code.
The system and method then supply an authorization code from a
plurality of available authorization codes corresponding to the
activation key or code based on the determination of whether the
user is an authorized user.
[0019] In another embodiment of the present invention, a system and
method for monitoring computer software installed on a plurality of
computers in communication with one another or a central computer
to form a computer network include associating an activation code
or password with the computer software for authorizing one or more
copies of the software to be installed on computers associated with
the computer network, the activation code or password corresponds
to a plurality of authorization codes or passwords (which may be
identical if desired), collecting registration information from one
or more computers or servers associated with the computer network
during installation of the computer software, providing a first
authorization code or password from the plurality of authorization
codes or passwords for the software to authorize operation of the
computer software for a first interval, and requiring entry of
another one of the plurality of authorization codes or passwords
for each copy of the computer software to continue operating beyond
the first interval.
[0020] Systems and methods for monitoring computer software to
provide quality assurance and marketing information to software
developers and/or remote monitoring of network/site license
compliance are also provided. In these embodiments, the systems and
methods may include storing information relative to use of the
computer software and automatically transmitting the stored
information to an authorized software representative at
predetermined intervals. In one implementation, a system and method
for monitoring computer software used by a plurality of computers
connected to a local server to form a local area network to reduce
unauthorized use of the computer software include monitoring a
number of computers using the computer software, storing
information associated with the computers using the computer
software on the local server, and repeatedly transferring the
stored information to a remote server.
[0021] The present invention provides a number of advantages
relative to prior art systems and methods for monitoring, testing,
distribution, and use of computer software. For example, the
present invention allows for complete operational and pricing
flexibility while providing ongoing contact with authorized users
and reducing unauthorized use of software. The global quality
assurance capabilities of the present invention afford software
developers the ability to fully audit their software applications
to identify the strengths, weaknesses, use, and/or errors of
various software features. This feature of the present invention
may be used for complete statistical control during and after beta
test cycles including full monitoring of errors, conflicts, use
patterns, etc. eliminating reliance upon human reporting and
research. The quality assurance features of the present invention
may also be used to provide a complete fault or error log of
program conflicts or shutdowns with associated error codes of all
programs in use, worldwide, in addition to a complete log of
non-fatal errors of all programs in use on a particular computer.
Likewise, monitoring of use patterns including time of use, most
used features and tools, and use and context of help screens, may
be provided through local storage of information which is
subsequently transferred to a remote server at predetermined
intervals. The flexibility associated with the present invention
accommodates a wide range of audit parameters for use in quality
assurance as well as network license metering and monitoring.
Additional flexibility is provided in that the various features of
the present invention may be used alone or in any combination.
[0022] The above advantages and other advantages, objects, and
features of the present invention, will be readily apparent from
the following detailed description of the best mode for carrying
out the invention when taken in connection with the accompanying
drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
[0023] FIGS. 1a and 1b is a block diagram illustrating one
embodiment for software monitoring to reduce unauthorized use
according to one embodiment of the present invention;
[0024] FIG. 2 is a block diagram illustrating one embodiment for
initial installation of computer software for a system or method
for monitoring software according to the present invention;
[0025] FIG. 3 illustrates an authorization or activation code and
related password sequence tables according to one embodiment for
monitoring software of the present invention;
[0026] FIGS. 4a and 4b illustrate generation of an activation code
and associated password entered by a user for continued operation
of protected computer software according to one embodiment of the
present invention;
[0027] FIGS. 5, 6, and 7 illustrate messages which provide
information to a user of protected software during initial
installation or subsequent password updates according to one
embodiment of the present invention;
[0028] FIG. 8 illustrates representative information including but
not limited to advertising, marketing, or promotional information
which may be transferred during initial installation or a
subsequent password updates according to one embodiment of the
present invention;
[0029] FIG. 9 is a block diagram illustrating operation of a system
or method for monitoring software including a license file or
password update process according to one embodiment of the present
invention;
[0030] FIG. 10 is a block diagram illustrating operation of a
system or method for automatically renewing or updating a password
according to one embodiment of the present invention;
[0031] FIG. 11 is a block diagram illustrating operation of a
system or method for server registration and validation of an
activation key according to one embodiment of the present
invention;
[0032] FIG. 12 is a block diagram illustrating operation of a
system or method for server license file renewal according to one
embodiment of the present invention;
[0033] FIGS. 13a and 13b illustrate a representative database for
use in facilitating batch and interactive processing of monitoring
functions administered by an authorized software representative
according to one embodiment of the present invention;
[0034] FIGS. 14a and 14b illustrate a system or method for batch
distribution of authorization information which may be encrypted
according to one embodiment of the present invention;
[0035] FIG. 15 is a block diagram illustrating a representative
system for monitoring software according to one embodiment of the
present invention; and
[0036] FIG. 16 is a block diagram illustrating an alternative
embodiment of a system for auditing or metering network software
which may include various quality assurance features according to
one embodiment of the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT(S)
[0037] As will be appreciated by one of ordinary skill in the art,
the various block diagrams illustrating operation of a system or
method for monitoring software according to the present invention
may be implemented using one or more general purpose computers,
dedicated hardware, or a combination of general and special purpose
hardware and software. The various functions or steps illustrated
are preferably effected by a programmed computer unless otherwise
indicated. Various steps or functions may be performed manually by
a software administration or a computer user without departing from
the spirit or scope of the present invention. As will also be
appreciated by those of skill in the art, the illustrated steps,
functions, or control logic may be implemented using any of a
number of known programming and processing techniques or strategies
and is generally not limited to the order or sequence illustrated.
For example, interrupt or event driven processing may be used to
capture various information relative to program errors or feature
use. Likewise, parallel processing, multi-tasking, or
multi-threaded systems and methods may be used to accomplish the
objectives, features, and advantages of the present invention.
[0038] The invention is independent of the particular programming
language, operating system, processor, or circuitry used to develop
and/or implement the control logic illustrated. Likewise, depending
upon the particular programming language and processing strategy,
various functions may be performed in the sequence illustrated, at
substantially the same time, or in a different sequence while
accomplishing the features and advantages of the present invention.
The illustrated functions may be modified, or in some cases
omitted, without departing from the spirit or scope of the present
invention. Although not explicitly illustrated, various steps or
functions may be repeatedly performed depending on the type of
function and the type of processing employed.
[0039] As described in greater detail below, the present invention
provides the capability of integrating various software monitoring
features to provide software security, advanced e-commerce
marketing and advertising concepts, global quality assurance, and
network license auditing, monitoring, and metering. Depending upon
the particular application, these features may be used alone or in
any combination. Those of ordinary skill in the art will recognize
that "passwords" and "authorization codes or keys" may be used
interchangeably unless otherwise noted. Similarly, "activation"
codes or keys typically represent the first "authorization code" or
"password" entered during initial registration of the computer
software. As will also be appreciated, authorization "intervals"
generally represent a metric for measuring use of a particular
software application program. "Intervals" may include but are not
limited to random, pseudo-random, regular, irregular,
event-triggered, time-based, calendar-based, or other suitable
measures for determining use of the monitored computer software.
Interval metrics may also include individual or aggregate program
execution time or number of program executions, for example.
[0040] A security feature according to one embodiment of the
present invention should dramatically reduce the piracy rates for
software developers including "casual" and low level
"institutional" piracy which occurs when users share a favorite
application program with a friend or companies understate the
number of users for a network version of a software application,
whether intentional or not.
[0041] The present invention provides a software program module
which is easily adaptable and may be easily integrated into
software designed for any computing platform and operating system.
The process is preferably implemented by embedding a small program
within the monitored computer software or application program.
During operating, the monitoring module, in this example a security
program, authenticates each unique user (or group of users). As
such, only authorized users can install or maintain operation of
any particular copy of the computer software. This is accomplished
through an extensive series of interactive interlocks. If an
unauthorized user attempts to copy the software, the software will
not operate and the authorized software representative or
administrator (which may be the software developer, distributor,
publisher, etc.) can track and potentially identify the pirate.
[0042] The monitoring module provided by the present invention
preferably operates in the background to perform various monitoring
functions including but not limited to protecting the application
program from unauthorized use while also identifying unauthorized
users or user computers. The security feature may be used with
various other features for monitoring software according to the
present invention to accommodate virtually any potential needs of a
wide variety of clients.
[0043] One aspect of the security feature according to the present
invention is the collection of updated registration information
which may include, but is not limited to, extensive marketing and
demographic information for each user or group of users. This
information may be provided to software developers in a variety of
different formats specifically tailored to each developer's need.
The repeated contact with authorized users provides extensive
marketing opportunities for product upgrades, related products, and
the like.
[0044] Various pricing models may be provided to generate revenue
in accordance with the teachings of the present invention. For
example, a security feature may be provided for a nominal charge
per authentication code or password update, for example.
Alternatively, the service may be paid for by third-party
advertising which may be transferred to the user during
authentication, for example.
[0045] FIGS. 1a and 1b provide a simplified block diagram
illustrating a software security feature for a system or method for
monitoring software according to one embodiment of the present
invention. The process begins with the software developer adding
program code to the application program to provide one or more
features of the present invention. Whether used alone or in
combination with other features, the security feature involves
associating a plurality of authorization codes or passwords with a
given copy (or group of copies) of the computer software. The
plurality of authorization codes may be generated and stored when
the computer software is transferred to the distribution media or
electronically downloaded but are preferably determined using an
appropriate algorithm only when a previous or subsequent code is
required. The plurality of passwords or authorization codes may be
identified by a unique serial number or password code as
illustrated and described in greater detail with reference to FIGS.
3 and 4a and 4b. The application program will then operate for a
predetermined authorization period or interval provided the
corresponding password has been entered. While manual entry of
passwords or authorization information may be accommodated by the
present invention, the password is preferably electronically
communicated via a network, modem, or other connection, for
example.
[0046] As illustrated in FIGS. 1a and 1b, a legal or authorized
user obtains software via a computer-readable storage medium, such
as a CD, DVD, floppy disk, etc., or by downloading the software
from an authorized retailer or software representative as indicated
generally by reference numeral 50. During installation, the user
enters an activation key or the first authorization code which is
generally supplied with the application program. Prior to full
operation, the user is required to register the software with an
authorized software representative which may be the software
developer, distributor, or publisher, or a third-party
administrator as indicated at block 54. The authorized software
representative may provide various functions such as supplying
periodic password updates, monitoring use of the software,
collecting information relative to quality assurance, auditing
compliance with multiple-user licenses, etc.
[0047] During registration, the authorized software representative
determines whether the particular copy (or group) has been
previously registered by comparing registration information
corresponding to the activation key with previously entered
registration information, if any, as represented by block 56. If
the comparison indicates that the user may be an unauthorized user,
the user may be notified of a potential licensing violation and is
preferably prompted to contact the administrator as represented by
block 58. If the user proceeds as represented by block 60, the
software representative or administrator may authenticate the user
and grant a license by providing an appropriate password from the
plurality of passwords associated with the particular copy (or
group) of the computer software as represented by block 64. As
indicated above, the authorization codes associated with a
particular copy or group of copies may be generated as needed by an
appropriate algorithm, based on the activation key, for example.
Otherwise, the administrator may store various information to
identify the potential unauthorized user in a database as
represented by block 66. If the user does not proceed with the
registration process at block 60, or the registration information
indicates that the user is unauthorized as represented by block 64,
the process completes as indicated at blocks 62 and 68,
respectively. As will be appreciated by those of ordinary skill in
the art, various situations may arise where some or all of the
registration information for an authorized user may not match
previously collected information. The software representative may
decide to provide one or more authorization codes based on a
partial match or a limited number of requests with completely new
registration information. However, embodiments which include
prompting the user to contact the software representative and
provide information are likely to serve as a deterrent to software
pirates.
[0048] If no registration information has previously been entered
as determined by block 56, the authorized software representative
may download a license file to the user as represented by block 70.
In addition, various other optional information may be transferred
prior to, during, or subsequent to the license file which may
include but is not limited to promotional information, marketing
information, availability of product upgrades or enhancements, and
the like. The administrator preferably also builds a database for
each user or group of users including user demographics and
marketing information as represented by block 72. Once the
authorization information or password has been transferred to the
user or software, the application program operates normally for the
authorization interval at which time the application program
requires a license file update as represented by block 74.
[0049] If the monitoring module is active prior to expiration of
the current authorization interval, the security feature attempts
to automatically contact the authorized software representative for
a license file update as represented by block 76. In the event that
the monitoring module is not active, or is unable to contact the
authorized software representative, the security feature may
attempt to contact the authorized software representative after
expiration of the authorization interval as well. Preferably, the
security feature determines an acceptable time to contact the
administrator based on the program or computer use. This
determination may be made automatically or by prompting the user
during registration or through a utility to identify the best time
to obtain updates. For example, the security feature may determine
to contact the administrator based on time of day, i.e. late-night
operation, status of processor utilization, i.e. computer is idle,
when a dial-up connection to the Internet is active, during the
next execution of the application program, and the like.
Preferably, once the user completes the registration process, the
license file remains in place whether or not the application
program has been uninstalled. This feature allows for
reinstallation of the software without re-registration or requiring
an authorization code update. This feature is particularly suited
for group or network license applications.
[0050] Block 78 represents a determination based on the activation
key and/or password code of whether the particular copy of the
computer software has already received an update. If an update has
been previously received for this copy of the computer software,
the user is notified of a potential licensing violation and is
prompted to contact the authorized software representative as
represented by block 80. If the user chooses to proceed with
contacting the authorized software representative as represented by
block 82, the authorized representative may obtain additional
registration information to authenticate the user and/or decide
whether to grant an update as represented by block 86. Otherwise,
the process terminates as indicated at block 84. Whether or not the
representative decides to issue an updated password or
authorization code associated with the computer software, the
administrator may store information related to the potential
license violation as represented by block 88 prior to terminating
the process as indicated at block 90.
[0051] If the application has not received an update as determined
by block 78, or the authorized representative determines that a
password update is appropriate as represented by block 86, an
updated license file may be downloaded to the authorized user (user
computer, group, or server, for example) while optionally providing
additional information which may include but is not limited to
promotional information, upgrade information, and the like as
represented by block 92. The administrator's database is then
updated to include user information, demographic, and marketing
information as represented by block 94. The computer software or
application program then operates normally for the next
authorization interval before another license file update is
required as represented by block 96. In this example, the specified
authorization interval is based on a calendar or date and
corresponds to 30 days. Various types of authorization intervals
may be provided depending upon the particular application as noted
above. For example, authorization intervals or time periods may be
based on accumulated execution time of one or more copies of the
computer software. For multiple-license applications, the
authorized interval may be based on an aggregate total execution
time for all users at a particular site or on a particular network,
for example. Similarly, authorization intervals may be based on the
relative value of the computer software being protected by the
security feature according to the present invention. For example,
more expensive or costly computer software may have a shorter
authorization interval to further discourage unauthorized use. The
authorization interval may increase as the product ages and new
releases are available if desired.
[0052] The security feature automatically contacts the authorized
representative for a license file update as represented by block 98
of FIG. 1b. Preferably, the application begins to attempt to
contact the authorized administrator prior to expiration of the
current authorization interval. For example, 15 days before
expiration of the current interval, the program may attempt to
automatically contact the authorized representative for a license
file update. If the attempt is unsuccessful, repeated attempts may
be made with increasing frequency to improve the probability of a
successful update without user intervention. Alternatively, or in
combination, the user may be prompted upon the next execution of
the program to contact the authorized software representative for
an update. The update may proceed automatically or manually from
this point.
[0053] Each time a user contacts the authorized software
representative, the representative can compile updated registration
information which may include name, address, computer processor
identification, email address, etc. In addition, demographic and
marketing information may be gathered depending upon the particular
computer software and target market.
[0054] The process illustrated in FIGS. 1a and 1b may be
indefinitely repeated to provide continued contact with users.
Alternatively, a master password may be transferred to the user or
computer software to provide an indefinite authorization interval,
i.e. an, authorization interval which does not require any further
password or license file updates. Furthermore, a password may be
downloaded to disable any further operation of the software if the
user is determined to be an unauthorized user.
[0055] A block diagram illustrating. an alternative representation
of a system or method for monitoring software using a security
feature during initial setup and installation according to one
embodiment of the present invention is shown in FIG. 2. As
represented by block 150, a security feature is activated when the
user installs the application program. During the installation, the
user is required to enter a serial number or activation key which
has been previously associated with a particular copy or group of
copies of the software. Serial numbers can be supplied with the
software packaging or documentation, can be hard coded on the
distribution medium, or can be generated during the registration
process or electronic software distribution process. For software
which is downloaded over a communication network such as the
Internet, the serial numbers can be coded and stored within a
database which supplies the serial number at the time of download,
or can be generated via an appropriate algorithm as part of the
registration process. Alternatively, the security feature of the
present invention may function without the use of serial numbers
with the authorized users contacting an authorized software
administrator to obtain subsequent passwords from a list of
passwords upon expiration of each authorization interval. However,
the list of passwords or algorithms used to generate the passwords
may not be unique to a particular program. In this embodiment,
password sequencing could be used to discourage unauthorized
copying by requiring that each password or authorization code be
entered in the appropriate sequence for the computer software to
function. Authorization code sequencing may be implemented by
generating an authorization code using a previous or preceding
authorization code.
[0056] As described above, software may be identified in batches
with the same or similar serial numbers as opposed to having unique
serial numbers for each copy of the software. Passwords or
authorization codes may then be keyed to a group of software
copies. Likewise, various distribution media, such as CD-ROMs, DVDs
or electronic software distribution may be identified by a
particular batch with the CDs or downloaded programs coded
electronically or physically to identify their batch.
[0057] Block 154 of FIG. 2 determines whether a valid serial number
has been entered. Block 156 provides additional opportunities to
enter a valid serial number before the registration process
continues. Once a valid serial number has been entered as
determined by block 154, the security feature contacts a third
party or other authorized software representative to obtain a
password to authorize the software for an authorization interval as
represented by block 158. A database, preferably stored on a remote
server administered by the authorized software representative, is
queried to determine whether the serial number has already been
registered as represented by block 160. If the serial number has
been previously registered, block 162 determines whether the
registration information indicates that the user is an authorized
user. If not, the installation process is terminated with an
appropriate message provided to the user that the license has
already been registered and this particular copy of the software is
unauthorized as represented by block 164. A message may also be
provided indicating that the user must provide additional
registration information to proceed if the user believes that he is
an authorized user. Alternatively, or in combination, additional
information may be automatically gathered via the network address,
processor ID, and the like to track unauthorized users and take
additional action.
[0058] If the software has not yet been registered, the authorized
representative collects the registration information and begins
building a user database as indicated by block 166. The user
database may include various information related to the user and/or
user computer. The software representative then determines an
appropriate password from a plurality of passwords associated with
the software to the user computer and/or manually transfers the
information to the user for entry into the computer software. Any
additional information may also be provided which may include but
is not limited to advertising, promotional, or other information
displayed on the user computer as represented by block 168.
[0059] The present invention contemplates a variety of passwords
which may be used individually or in a particular sequence. For
example, passwords may be generated for a given serial number with
any one of the passwords being acceptable to authorize continued
use independent of the particular sequence in which the passwords
are entered. Alternatively, passwords may be required to be entered
in the specified sequence to allow operation of the computer
software. In this embodiment, the passwords would be either
generated in advance and stored in a database or preferably
generated by an associated algorithm at the time of the update.
Interlocked passwords may also be used to further enhance the
security feature of the present invention. For example, passwords
may be interlocked to particular hardware information such as the
operating system serial number or version code, machine
identifiers, and the like. Passwords or authorization codes are
then generated based on a combination of the serial number and
machine identifiers as illustrated and described in greater detail
with reference to FIGS. 3 and 4a and 4b.
[0060] As described above, passwords may be unique to each copy of
the, computer software as identified by the activation key and/or
serial number contained within the activation key. Similarly,
passwords may be unique to a particular machine based on a machine
identifier or a combination of the machine identifier and software
serial number. One list of passwords may also work for a group of
software. Master passwords may be supplied to authorize the
software indefinitely such that feature updates are no longer
required. Likewise, a master password may be provided to disable
operation of the software.
[0061] After an appropriate authorization code has been obtained
from the administrator as represented by block 168, the application
program operates normally for a predetermined authorization
interval, such as 30 days in this example, as represented by block
170. The security feature then monitors the authorization interval
to attempt to contact the authorized representative prior to
expiration of the interval as represented by blocks 172 and 174. As
described above, the security may continue to attempt to contact
the authorized representative after expiration of the authorization
interval until a successful update has been completed.
[0062] FIG. 3 illustrates an authorization or activation code or
key and related password sequence tables for use in a system or
method for monitoring software according to one embodiment of the
present invention. Activation keys indicated generally by reference
numeral 200 are each associated with one or more copies of the
computer software. Each activation key 200 preferably includes
various components or sub-keys which may vary depending upon the
particular application. In the embodiment illustrated in FIG. 3,
each activation key 200 includes an embedded customer code or ID
202, serial number 204, and password code 206. Customer code 202
preferably corresponds to a particular software developer or client
of the authorized software representative. Serial number 204 may be
a numeric or alphanumeric sequence generated by the software
developer or publisher and printed on the packaging when
appropriate. For computer software purchased on-line, the serial
number may be displayed to the user on the user's computer as
described in greater detail below. Password code or sequence 206
preferably identifies a plurality of passwords and/or an associated
password generating algorithm which generates authorization codes
associated with corresponding authorization intervals. Password or
authorization codes 206 may also identify the particular authorized
software representative or administrator as represented by
reference numeral 208, if desired.
[0063] As described above, the computer software requires entry of
an activation key 200 which is then parsed to identify the serial
number 204 and password code 206. The computer software preferably
will not execute without entry of a valid key. In addition to the
activation key, an appropriate password obtained from the
authorized software representative for the corresponding activation
key must also be provided. As such, entry of a serial number or
activation key only allows the user to continue the installation
process and obtain a password. Passwords are preferably associated
with specific activation keys and do not enable operation of the
computer software unless the password corresponds to the activation
key.
[0064] As also illustrated in FIG. 3, each password code preferably
corresponds to a password sequence lookup table 210, 212. Of
course, the lookup tables illustrated in FIG. 3 are simplistic
examples shown to illustrate the basic principles of one feature
for monitoring software according to the present invention. Any of
a number of commercially available algorithms may be used to
generate pseudo-random serial numbers and passwords which are more
difficult to guess or hack. Password sequence lookup table 210
corresponds to a first password code and includes an initial
registration password 214 in addition to subsequent passwords 216
corresponding to subsequent authorization intervals. In the
illustrated example, each authorization interval is based upon a
regular or consistent calendar interval of 30 days. Varied
intervals based on other criteria may be provided as described
above.
[0065] Similarly, password sequence lookup table 212 includes an
initial registration password 218 and related passwords 220
associated with subsequent authorization intervals. A master
password table 222 may also be provided to track master passwords
to disable operation of the application program as represented by
reference numeral 224. In addition, a master password which
provides an indefinite authorization interval 226 may also be
associated with one or more password codes 206. Likewise, a master
password which allows any program (i.e. not necessarily associated
with a particular authorization code or algorithm) to run for a
particular authorization interval may be provided as represented by
block 228.
[0066] FIGS. 4a and 4b illustrate generation of an interlocked
password and authorization code for use in monitoring computer
software according to one embodiment of the present invention. The
computer software generates a registration code 250 which includes
various components or subcodes indicated generally by reference
numerals 252-266. In the embodiment illustrated in FIGS. 4a and 4b,
the components of the registration code 250 include an update
number 252 corresponding to the particular authorization interval
and various machine identifiers intended to be specific to a
particular user computer. For example, a hard drive code 254, RAM
code 256, processor type 258, and manufacturer code 260 may be used
to uniquely identify a user computer or authorized server in a
local area network (LAN) application. Time zone 262, biweekly date
264, and time of installation 266 are determined during the initial
registration process and used during subsequent authorizations to
make it more difficult to guess or determine the registration code
250. As illustrated, registration code 250 is preferably encoded
using alphanumeric characters which are not easily discernible as
to their meaning by a user. To generate a particular authorization
code, the registration code 250 is used to generate a portion of
authorization code 274 via a table 268 which is preferably stored
on a server administered by an authorized software representative.
Table 268 includes alphanumeric characters corresponding to the
registration code 250 as represented generally by reference numeral
270. Corresponding alphanumeric characters 272 are used to generate
a portion of an authorization code 274 in addition to a password
selected from a plurality of passwords associated with a particular
password code as represented by reference numeral 276. In the
example illustrated in FIGS. 4a and 4b, a simplified letter
exchange represented by table 268 is performed with each profile
using a different exchange key. The exchange key may be generated
by an algorithm based on a serial number associated with the
computer software. Preferably, each code is supplied in the form of
a plug-in module. Some codes may not be used in the automatic
electronic update process but only in the manual password entry
mode according to the present invention. This allows the monitor
module to display the generated code which can be manually provided
to an authorized software representative to obtain an authorization
code for those users/computers unable or unwilling to
electronically transfer authorization information as described in
greater detail below.
[0067] To obtain a password update, registration code 250 is
transferred to the authorized software representative (manually or
automatically). The corresponding decoding table 268 is accessed to
provide corresponding codes 252'-266'. In addition, one of the
plurality of passwords associated with the password code is
selected and supplied to the user or user computer as indicated
generally by reference numeral 276. For continued authorization and
operation of the protected software, the registration code and
corresponding codes for the hardware, time, date, update number,
etc. must match in addition to the balance of the password based on
the serial number and other registration information stored in the
database maintained by the authorized software representative.
[0068] As an example, a user attempting to obtain the third
password update has a user computer with a 22G hard drive, 256M
RAM, Intel Pantium III 600MHz processor, registered in the central
time zone, and is updating the length biweekly period of the year
at 4:00 p.m. The computer software generates a corresponding
alphanumeric code such as: "JBLSQBCA".
[0069] Upon contacting the authorized software representative, the
representative obtains the code generated by the software indicated
above. The server software generates an appropriate corresponding
code based on the coding key table and selects or generates another
password from the plurality of passwords corresponding to the
password code for the particular copy of the computer software. The
authorization code is provided to the user or user computer to
authorize continued use of the software for a subsequent
authorization interval.
[0070] If the software was copied and installed on another
computer, it would not operate since the authorization code
provided by the administrator would not match the hardware-specific
codes generated by the software. As an example, an unauthorized
user attempting to obtain a password for the computer software
described above has a 26G hard drive, 128M RAM, Intel Pantium III
500 MHz processor and is registering from the Pacific time zone at
8:00 a.m. to obtain the third biweekly update. The software would
generate a different alphanumeric code based on this information,
such as: "TXRJOPES." Upon supplying this code to the authorized
software representative, the returned code would correspond to:
"PWSLJWEQ" which would not enable operation of the computer
software. Coupled with serial number identification and other user
information, this feature of the present invention should
significantly decrease the probability of successful piracy.
[0071] FIGS. 5, 6, and 7 illustrate representative messages which
provide information to a user of protected software during initial
installation or subsequent password updates according to one
embodiment of the present invention. As illustrated in FIG. 5,
during installation of protected software, the user may be prompted
or notified that registration is required prior to using the
software by an appropriate message utilizing text and/or graphics
as represented generally by reference numeral 300. Message 300 may
identify the software as indicated at 302 and/or the authorized
software representative as indicated at 304, if desired. During
this phase, the user may select a default method for obtaining
subsequent authorizations corresponding to automatic or manual
registration. Automatic registration may be completed in the
background, without prompting the user, as described above. Manual
registration may require the user to connect to a network, connect
via modem, or speak with an authorized representative via
telephone, for example.
[0072] FIG. 6 illustrates display of transferred information, such
as message 310, which indicates that the authorized software
representative has transferred the appropriate authorization code
or password files to allow continued operation of the computer
software. If registration information transferred to the authorized
software representative indicates that the user may be
unauthorized, an appropriate message 312 (FIG. 7) may be displayed
on the user computer. As illustrated, the user may be prompted to
contact the software representative by telephone or otherwise to
update the registration information and/or obtain appropriate
authorization codes. It should be recognized that some
discrepancies between registration information may be tolerated
while continuing to provide subsequent authorization for continued
use of the computer software. For example, the authorized software
representative may elect to provide subsequent authorization codes
for partial matches of previous registration information to
accommodate installation on multiple computers by a single
registered user such as a desktop, laptop, home computer, and the
like.
[0073] FIG. 8 illustrates representative information which may be
transferred to the user or user computer during initial or
subsequent password updates according to one embodiment of the
present invention. Information, indicated generally by reference
numeral 320, may include but is not limited to various marketing,
promotional, and advertising literature based in whole or in part
upon the registration information entered by the user. Preferably,
advertisements are targeted to the user based on demographic
information entered during registration. As illustrated in FIG. 8,
information 320 may include a plurality of frames, each having
associated multi-media capabilities including text, graphics, and
sound if desired.
[0074] FIG. 9 is a block diagram illustrating operation of a system
or method for monitoring software including a password update
process according to one embodiment of the present invention. In
one preferred embodiment, the computer software includes an
integrated monitor module which implements one or more features of
the present invention. For example, the monitor module may
implement the security feature by controlling access to licensed
programs. To implement the quality assurance features of the
present invention, the monitor module records various program
events on a local computer or server and periodically transmits
information related to the events to a remote computer or server as
explained in greater detail below. For network license auditing,
monitoring, and metering, the monitor module gathers various
information relative to use of the monitored computer software and
repeatedly transfers information to a remote server. For the
security feature illustrated in FIG. 9, block 350 may include a
license module which determines whether the licensed program will
run based on the current license file which is preferably
encrypted. The license module preferably determines when the
current authorization interval will expire and begins attempting to
renew the license file or password prior to expiration as
represented by block 350.
[0075] In the embodiment illustrated in FIG. 9, the license module
then opens a default browser such as Microsoft Internet Explorer or
Netscape Navigator and contacts an authorized software
representative to obtain an additional password as represented by
block 352. An appropriate web server may then be used to administer
the update process as illustrated and described with reference to
FIG. 15, for example. The browser should remain open throughout the
password update process and will preferably be automatically closed
by the license module when the process has been completed.
[0076] The license module may reside on each computer or may be
centrally located on a server with user computers connected to the
server to form a computer network. In this implementation, the
present invention is capable of providing comprehensive network
license monitoring which extends beyond simple license metering to
provide full anti-piracy coupled with client/customer
interactivity. The license module is capable of monitoring and
auditing all network licenses in any manner chosen by the software
developer while offering licensing program flexibility to gain
increased market share. A wide range of network auditing,
monitoring and metering parameters provides software developers
with the ability to maintain absolute accurate license compliance
in virtually any format. In addition, the interactivity of the
process affords the developers the ability to maintain ongoing
direct contact with current licensees while providing marketing
opportunities with potential licensees.
[0077] With continuing reference to FIG. 9, after opening the
default browser, the licensing module attempts to contact the
authorized software representative to obtain a password. This step
may be completed during an idle time or non-peak hours based on a
particular user's selection or may be determined automatically by
the license module. The password administrator parses the
authorization code or activation key provided by the user or user
computer to select an appropriate password file or table and to
select one of the plurality of passwords for a subsequent
authorization interval as represented by block 354.
[0078] Block 356 determines whether the requested password update
has previously been downloaded for that particular copy of the
computer software. If so, the registration information and/or
authorization code is compared with previously gathered information
as represented by block 358 to determine whether the user is an
authorized user. If it appears the user is not authorized, various
information may be transferred to the user computer indicating that
a licensing violation may have occurred as represented by block
360. Otherwise, an appropriate authorization code is selected or
generated corresponding to the activation key and transferred to
the user computer to authorize operation for another interval as
represented by block 362.
[0079] FIG. 10 is a more detailed block diagram illustrating
operation of a license module in a system or method for monitoring
software according to one embodiment of the present invention. FIG.
10 illustrates an automatic electronic license renewal process
which may be used by the security feature of the present invention.
Whenever the computer software executes, the license module will
open a license file and attempt to decrypt the file with a public
key as represented by block 370. The public key is preferably
stored within the executable code of the licensing module. If the
license file is correctly decrypted, expiration information for the
current authorization interval can be extracted from the license
file and the program will execute normally. If there is an error
decrypting the license file as determined by block 372, an attempt
to notify the server associated with the authorized software
representative is made as represented by bock 374. The user is then
notified as indicated by block 376 and the process terminates as
represented by block 378.
[0080] If the expiration information for the current authorization
interval is properly decoded as represented by block 380, block 382
determines whether the expiration is approaching. In this example,
the authorization interval corresponds to 30 days. The licensing
module begins attempting to contact the authorized software
representative 15 days prior to the expiration of the authorization
interval as represented by block 382. Otherwise, the program
executes normally as represented by block 384.
[0081] If the current authorization interval has expired as
indicated at 386, an attempt is made to connect to the server of
the administrator as indicated at 388. If the connection is
successful as determined by block 390, information including a
licensed file update with a new authorization interval and/or
various other information may be downloaded to the user or user
computer as indicated at 396. Otherwise, an error message is
displayed as indicated at 392 and the process terminates as
represented by block 394.
[0082] If the current authorization interval has not expired as
determined by block 386, an attempt is made to connect to the
server of the authorized representative as indicated at 398. If the
connection is successful as represented by block 400, the
subsequent password or license file is downloaded along with
optional additional information as represented by block 402.
Otherwise, an inner message is displayed as indicated at 404 and
the process terminates as indicated at 406.
[0083] As described above, second or repeated attempts to download
a particular license file may indicate an illegal user. The
password or license file administrator preferably compiles any
available information concerning such potential illegal users.
Because the software is activated and associated with a specific,
known user, all copies (legal or illegal) will also be associated
with that user. This should provide an additional deterrent to
users from distributing copies of the software because all copies
will indicate the user who originally licensed them (and therefore
the first illegal user in the distribution chain). Users cannot
remove the identifying information without also disabling the
software.
[0084] FIG. 11 is a block diagram illustrating operation of a
system or method for server registration and validation of an
activation key according to one embodiment of the present
invention. The server is preferably managed by the authorized
software representative which provides remote monitoring of network
license compliance, password administration, and/or quality
assurance metrics according to the present invention. Block 420
receives the activation key associated with a particular copy (or
group) of computer software. Block 422 determines whether the
activation key is valid. If the activation key is not valid, block
424 collects any available information relative to the user and/or
user computer along with an associated error message. Block 426
informs the user of a possible typing error and the process exits
as indicated at 428. If a valid activation key is transferred to
the server, block 430 determines whether the activation key has
already been used.
[0085] If a valid activation key has already been used, block 434
obtains additional information from the user which is then compared
to the previously obtained information as indicated at 436. Block
438 determines whether the user has attempted to install the
software more than the authorized number of times. If too many
installations are indicated, relevant information is logged as
represented by block 440. The user is then informed of a licensing
violation as indicated at 442 and the process terminates as
indicated at 444.
[0086] As described above, various software developers may allow a
particular user to install more than one copy of a particular
application program. As such, block 438 may be limited to a single
installation or alternatively multiple installations depending upon
the particular application. If the user is within the allowable
number of installations, the process terminates as indicated at
446.
[0087] If the user information does not match the information
previously stored in the database as indicated at 436, an
appropriate error message is logged at 448 and the user is notified
of the license violation at 450 with the process terminating at
452.
[0088] If a valid activation key has not already been used, the key
is authenticated and the process terminates as indicated at
454.
[0089] FIG. 12 provides a block diagram illustrating a server
process for license file renewal for one embodiment of a system or
method for monitoring software according to the present invention.
Block 470 accepts an activation key from the user or user computer.
Block 472 determines whether the activation key is valid using any
of a number of known algorithms for generating keys. If the
activation key is not valid, block 474 logs the error message and
block 476 informs the user of a possible error in entering the
activation key. The process then terminates as indicated at
478.
[0090] For valid activation keys, block 480 determines whether the
key has already been activated. Because this is a renewal process,
it requires that the key be previously activated. If the key has
not been activated as determined by block 480, an appropriate error
message is logged at 482, the user is informed of a license
violation at 484, and the key is revoked at 486. The process then
terminates at 488.
[0091] For previously activated valid keys, block 490 determines
whether the key has been previously revoked. If so, block 492 logs
an appropriate error message. Block 494 informs the user of a
license violation and the process terminates as indicated at
496.
[0092] If the requested renewal has been previously sent as
determined by block 498, an appropriate error message is logged at
500. The user is informed of a license violation at 502 and the key
is revoked at 504. The process then terminates at 506.
[0093] If the renewal has not been previously sent as determined at
block 498, the account status is updated at 508 and the process
terminates at 510.
[0094] FIGS. 13a and 13b is a block diagram illustrating a
representative database for use in facilitating batch and
interactive processing of functions administered by an authorized
software representative according to one embodiment of the present
invention. In the representative embodiment illustrated in FIGS.
13a and 13b, the database preferably includes fields related to
process administrators 530, protected software programs 550,
activation keys 570, clients 590, licenses 610, and events 630. The
various fields may be stored in a single database or may be
distributed among a plurality of databases depending upon the
particular application and implementation.
[0095] Fields related to process administrators 530 preferably
include a corresponding log-in ID 532 and password 534. In
addition, the process administrator's full name 536 and access
rights or privileges 538 may be provided. Fields for tracking the
date of the last password change 540 and a hashed password history
542 may also be provided.
[0096] The database may also include a catalog of protected
software programs 550. This may include fields for unique program
identifiers 552, market or trade names 554, vendor information 556,
revision information 558, and private and public keys used for
encrypting various information associated with each program as
represented by reference numeral 560.
[0097] An activation key table or database 570 may also be
provided. A typical activation key table 570 may include a program
identifier field 572, activation key field 574, creation date 576,
and customer ID 578.
[0098] The database may also include a client table 590 including a
unique, random identifier field 592, along with contact information
such as name 594, address 596, phone and fax numbers 598, and email
addresses 600. In addition, the client table or database 590 may
include the date of first registration 602 and fields for
demographic and marketing information 604.
[0099] The server database may also include a table or database
having fields linking clients, software, and licenses as
represented by reference numeral 610. Table or database 610 may
include a field for client ID 612 and program ID 614. In addition,
identifying information relative to the first successful download
616, first unsuccessful download 618, last successful download 620,
and last unsuccessful download 622 may be tracked within the table
or database 610. A field for the expiration of the current license
or authorization interval may also be provided as indicated at 624.
A status field 626 may be used to indicate the current status of
the license as active or revoked.
[0100] An event log table or database 630 may also be provided for
tracking various types of events associated with various features
of the present invention including but not limited to the security
feature, quality assurance feature, and network license metering
feature. Event log table 630 may include fields for an
administrator ID 632, client ID 634, and program ID 636. In
addition, an activation key field 638 may be provided to track any
events or incidents by activation key. In addition, a data/time
field 640 may be provided along with a type code field 642 which
may be used to catagorize the type of event. A text field 646 may
be provided to allow notes or a detailed description of the
event.
[0101] As described above, a server preferably automatically
exchanges information with the user computer using an electronic
connection when required. In one preferred embodiment, the server
encrypts license files using the RSA public key encryption
algorithm when using an electronic connection. As an example, each
release of each application program could be associated with a
512-byte encryption key pair. The server would maintain both the
public and private keys with the private key hard coded into the
license module of the software release.
[0102] License files will encode an expiration date, an activation
key, and an application ID into a short string. An example of an
unencrypted license file showing date, activation key, and
application ID is:
[0103] 20000625:0123456789987655431:AutoCD 2000 Release 1
[0104] The license string is preferably encrypted using the
server's private key for that particular application release. The
client software on the user computer or server will decrypt the
license file using its hard-coded copy of the server's public key
to verify that the license file originated with the authorized
server. The license string may be stored in any convenient file or
in memory for access by the license module. For example, the
license string may be stored in the computer's registry.
[0105] To accommodate a wide variety of users, the present
invention may also use a manual password update process. In this
situation, it is not feasible to use a public-key encryption
algorithm such as the one described above since the encrypted
license file may occupy around 510 bytes, for example. This will
correspond to around 90 principle characters or about 155 digits.
This is too much text for a typical user to reliably transcribe
from a telephone operator. Accordingly, a somewhat less secure
process may be used for manual license file entry. Although
somewhat less complex, the manual process includes extensive
interlock security to deter unauthorized copying or use of the
computer software. In addition, it may be unrealistic to expect a
user to manually telephone the authorized software representative
upon expiration of relatively short authorization intervals to get
a new license file to continue using the software. Accordingly,
extended authorization intervals may be provided for those users
which require manual entry of the license file.
[0106] FIGS. 14a and 14b illustrate a system or method for batch
distribution of computer software and associated authorization
information which may be encrypted according to one embodiment of
the present invention. Batches of installation media (such as
floppy disks, CD-ROMs, DVDs, electronic software distribution,
etc.) are preferably limited to a number of units based on the
activation and encryption keys. For the example illustrated in
FIGS. 14a and 14b, the batches are preferably limited to 1000 units
each. Of course, this is an exemplary size and is not mandatory.
Higher production runs are possible with increased table or file
size for storing encryption and activation information.
[0107] As illustrated in FIG. 14a, a batch of installation media
may be created by assigning a single random 64-byte master password
to the batch as represented by block 650. A unique activation key
for each copy is then created as represented by block 652. For each
activation key, a random 128-byte encryption key is created as
represented by block 654. An encrypted block of 128 bytes is then
produced as indicated at 656. An encrypted block may be based on
the master password plus a random 64-byte number with the
encryption key for each activation key. This process will yield a
table or database as illustrated in FIG. 14B, for example. The
database may be stored on the server administered by the authorized
software representative.
[0108] FIG. 14b illustrates an authorization table or database 670.
The database may include fields to identify each copy of the
installation media 672 along with corresponding activation keys 674
and encryption keys 676. A suitable encryption algorithm may be
used to process the master key, encryption key, activation key, and
random number to generate the encrypted key 678. In this example, a
copy of the entire table, indexed by the activation key 674, would
be stored on each copy of the installation media.
[0109] FIG. 15 is a block diagram illustrating a representative
system for monitoring software according to one embodiment of the
present invention. A user computer or work station 700 includes
computer software in the form of an application program 702 which
is integrated with a monitoring or license module 704 according to
the present invention. While illustrated with respect to the
security feature of the present invention, those of ordinary skill
in the art will recognize that license module 704 may be replaced
by a generic monitoring module to perform the quality assurance and
network license monitoring and metering features of the present
invention. User computer or work station 700 also includes a
protocol stack 706 for communicating with one or more other
computers via a network 708 such as the Internet, for example. To
obtain authorization codes for continued operation of the computer
software, computer 700 preferably connects to an authorized
software representative indicated generally by reference numeral
710 via computer network 708. In one embodiment of the present
invention, user work station 700 contacts authorized software
representative 710 using a web browser to access a corresponding
server 712 remotely located relative to user work station 700.
Server 712 includes a module 714 for receiving the activation key
from computer 700, preferably electronically, and processing the
key user encrypting language, for example, as indicated at block
716. Server 712 also includes a licensed library module 718 which
may be used to access a database server 730 to obtain subsequent
authorization codes. License daemon 732 is used to access the
license database 736 via a standard database management tool 734
such as Oracle, for example.
[0110] Work stations or computers, such as work station 740, which
do not have Internet access, may also exchange electronic
information with an authorized software representative according to
the present invention. User work station 740 also includes an
application program 742 integrated with a license module 744. As
described above, license module 744 may be replaced by a generic
monitoring module to implement various other features of the
present invention. A communication program or protocol stack 746
may be used to communicate using an associated modem 748 with a
modem pool 752 of the software representative 710 via a public
switched telephone network 750.
[0111] Modem pool 752 is managed by a terminal server 754 which may
interface with the web-based server 712 as illustrated. In
addition, users may obtain manual authorization code updates by
telephoning an operator who accesses web server 712 and/or database
server 730 to obtain manual authorization codes as described
above.
[0112] Referring now to FIG. 16, a block diagram illustrating
operation of a system for auditing or metering network software
which may include various quality assurance features according to
one embodiment of the present invention is shown. In this
embodiment, a local server 800 is connected to one or more
computers 802, 804, and 806 to form a local area network. (LAN).
One or more computers 802-806 may include associated local storage
media indicated generally by reference numeral 808. Likewise, local
server 800 may include storage media 810. Storage media 808 and/or
810 may be used to store various information associated with
computers 802-806 which is subsequently repeatedly transferred to a
remote server 820 via a computer network 816, such as the Internet,
for example. Information stored in storage media 808 and 810 may
include various types of data associated with operation of the
monitored software to provide quality assurance capabilities in
accordance with the present invention. For example, complete
statistical data for use during an actor beta test cycles may be
provided including full monitoring of errors, conflicts, use
patterns, and the like. This information is collected by the
monitoring module which is integrated with the computer software.
The monitor module preferably stores information related to
operation of the computer software on local server 800 and storage
media 810, for example. This information is then repeatedly
transferred to remote server 820 to provide the quality assurance
capabilities and/or network license metering capabilities in
accordance with the present invention.
[0113] Additional quality assurance capabilities provided by the
system or method illustrated in FIG. 16 may include complete error
log generation of program shutdowns with associated fault codes or
error codes of all programs currently in use on a particular
computer 802, 804, or 806. Likewise, a complete log of non-fatal
errors of all programs in use by one or more computers 802-806
(and/or server 800) may be generated and periodically transferred
to remote server 820 to determine use patterns, most used features
and tools, etc. Likewise, use of help files may be analyzed to
improve or revise the computer software. In addition, information
related to use patterns and demographics of other computer
application programs running on computers 802-806 may be stored or
cached locally on server 800 prior to being transferred to remote
server 820 via network or other connection 816. The system and
method for quality assurance according to the present invention
provides substantial flexibility to accommodate any desired audit
parameters. For example, network licensing may be based on the
number of concurrent computers using a particular application.
Alternatively, a licensing model may be implemented which charges
users based on each use or each authorization period for a
particular application program.
[0114] As such, the present invention provides various systems and
methods for repeatedly contacting a software user in exchanging
information such as authorization codes, marketing, advertising,
promotional information, and other information related to use of a
particular monitored software application program. The present
invention provides security features, quality assurance features,
and network license compliance which may be administered remotely
by a software developer, distributor, or third party.
[0115] While embodiments of the invention have been illustrated and
described, it is not intended that these embodiments illustrate and
describe all possible forms of the invention. Rather, the words
used in the specification are words of description rather than
limitation, and it is understood that various changes may be made
without departing from the spirit and scope of the invention.
* * * * *