|Title of Invention||
A METHOD AND SYSTEM FOR SOFTWARE PIRACY PREVENTION USING COMPUTER INFORMATION VALIDATION AND EXTERNAL MEMORY KEY
|Abstract||ABSTRACT A method and system are provided for software piracy prevention using the validation of information of Processor-Type, Processor-Serial-Number, RAM-Capacity, Hard-Disk Capacity, Hard-Disk-Drive Volume Serial-Number, Main-board-Tj^je, Network-Adaptor, Display-Adaptor, Sound-Card and Display-Monitor Type. The method also uses an external removable memory-key; to provide additional fortification by storing the above information in an encrypted format to restrict unauthorized installations and internet piracy. The manufacturer sets the maximum installable computers during configuration of the key at the manufacturing process. The key is distributed along with the software installation CD-ROM or Setup Diskette. During installation by end-user, computer information is gathered, hashed, encrypted and stored in the provided external memory-key. A copy of this information is stored in secured area of the user's hard-disk-drive for future validation. After installation of software; during execution; an application launching program validates the existing computer's information by comparing with previously stored local information for execution of software. If it substantially be different, a change in computer's hardware is detected and is cross checked with the external memory-key. This prevents hard disk loading of software to another computer. Unauthorized installations on other computers are also checked by this invention during installation itself Requirement of an external memory-key checks the internet piracy and illegal software distribution. The external memory-key is required only during installation. The user is provided with limited hardware upgrade facility by this invention. For additional computer installations, end-user needs to contact the manufacturer for upgrade of his license at nominal fee.|
1. FIELD OF INVENTION
The present invention relates to a method and system for preventing piracy or illegal use of software. To be more particular this invention relates to such methods and systems that allow software installations to be computer specific and ensures a legitimate installation by validating the various hardware components of the underlying computer, utilising a system consisting of an external memory key (refer 32 of FIGURE .2) and methods that are divided into processes which are implemental at various stages of software production, installation and run. More specifically this invention is a hardware based solution (refer 32, 40, 47 and 54); with a newly proposed computer information
validation at every run, which checks almost all the known methods of piracy and effectively inhibits the basic intention of piracy.
2. BACKGROUNG OF INVENTION WITH REGARD TO THE DRAWBACK OF
ASSOCIATED WITH KNOWN ART
Software piracy is the unauthorized duplication of computer software. According to the BSA (Business Software Alliance) Seventh Annual Global Software Piracy Study, revenue losses due to piracy for the business software application market reached $10.9 billion in the year 2001, while it was $11.7 billion in the year 2000. Worldwide, the unauthorized copying, use and distribution of software are a continuing source of concern. The term "software piracy" covers different activities: illegal copying of programs, counterfeiting and distributing software - even sharing a program with a friend.
Although most computer users today are aware that unauthorized use and duplication of software is illegal, many show a general disregard for the importance of treating software as valuable intellectual property. The software piracy exists in many forms and it is necessary to check all the possibilities and the basic intention of piracy to put a stop to piracy. For this the legal mechanisms alone cannot be depended. For best results, it is recommended to combine legal, marketing and technology-based software protection mechanisms.
The different software piracy channels are listed as follows,
[a] OEMs and Resellers - Just because the disk says Microsoft or the software came preloaded on PC, doesn't guarantee it's legal.
[b] Copying and Counterfeiting - It starts with one legitimate, licensed copy of the software, and then escalates from there.
[c] Internet Piracy - The sale of software over Web sites and Auction sites is common and easy, making the Internet the perfect vehicle for counterfeiters.
These channels are explained as under,
[a] OEMs and Resellers: Piracy at a store near by
Most users never have considered that software purchased from computer manufacturers or at a local retailer may be illegal—and that's just what disreputable manufacturers and resellers are banking on. The different existing forms of piracy by OEMs and resellers are:
• Piracy of OEM Products: Personal computer manufacturers, or Original Equipment Manufacturers (OEMs), often have agreements with Software companies allowing them to distribute OEM Software. OEM software is a special version of software that must be distributed pre-installed on the hard disk drive of
a PC when it's manufactured or bundled with computer hardware. OEM software should never be distributed without a corresponding PC or computer hardware.
• Mischanneling: Pretending to be something you're not - Certain software titles
are produced, sold, and distributed under special discount licenses to academic
institutions, computer manufacturers, and other high-volume customers. Illegal
channeling, or mischanneling, occurs when this software is redistributed to other
resellers or users who do not qualify for these licenses.
[b] Copying and Counterfeiting: A duplicate version is out
Two of the most common forms of software piracy due to duplicating are
• End-User Copying: friends loaning disks to each other, or organizations underreporting the number of software installations they have made. Sharing software with friends seems like no big deal, and there's no way it has anything to do with large-scale counterfeiting operations, but in reality both activities violate copyright laws and put the software users, including you, at considerable risk.
• Counterfeiting: large scale duplication and distribution of illegally copied software. Many counterfeiting groups are linked to organized crime—and they counterfeit and package the software using sophisticated techniques. The packaged software is then sold as imitation legitimate software. When produced at large volumes, counterfeiting is a sophisticated criminal activity. Software piracy has become a link in money laundering schemes that in turn fund and promote weapons smuggling, gambling, extortion, and prostitution. As the technology used by counterfeiters advances, even sophisticated consumers are often unable to distinguish legitimate software from counterfeit.
[c] Internet Piracy: illegal downloads from warez and appz sites
Internet piracy refers to the use of the Internet for illegally copying or distributing unauthorized software. The offenders may use the Internet for all or some of their operations including the advertising, offering, acquiring, or distribution of pirated software.
The Business Software Alliance (BSA), a software industry trade association, estimates that there are 840,000 Internet sites selling illegal software as the real thing. Many consumers who purchase software over the Internet never actually receive the programs they paid for. Others are not able to get their money back if they discover that the software they acquired is counterfeit. Disreputable Internet businesses often quickly vanish, leaving behind hundreds of customers dissatisfied. The rising popularity of shopping on the Internet has increased the potential for deception since you can't see the product in person until it arrives at your doorstep—if it arrives at all.
The Web has increased software piracy—it's easy for seeming legitimate businesses to create a Web site and then advertise and distribute pirated software. Plus, the explosive growth of e-commerce, combined with anonymity and unlimited volume, have made it even easier for criminals to sell counterfeit software online.
An estimated 2 million Web pages offer, link to, or otherwise reference "warez" software - the Internet code word for pirated software. A recent investigation indicates that more than 60% of software sold through Internet auction sites is counterfeit and more than 90% is sold in violation of the publisher's license agreement. An estimated 280,000 Web pages reference "appz", another term for pirated application programs.
The impacts of piracy are discussed here; as pirated software hurts everyone— from the software developers, retail storeowners, and ultimately all software users.
Consumers are at Risk:
Pirated software directly impacts consumers because:
• It often lacks key elements and documentation, and it always carries no warranty protection or upgrade options.
• These untested, counterfeit discs may be infected with viruses that will damage your hard disk drive and may cripple your entire network.
• If they copy software at work, users put themselves and their company at risk by pirating a product protected by copyright laws.
When users purchase counterfeit software, they are supporting disreputable companies, not tax-paying, and disrupt legitimate businesses that provide jobs and salaries to good citizens. The profits from these sales of counterfeit software don't help expand the economy by providing jobs, taxes, and wages, and there is a good chance the profits are funding additional illegitimate businesses. Legitimate companies never receive any funds from the sale of counterfeit software, and frequently this loss of revenue leads to layoffs for workers in all related industries, from manufacturers to resellers. So, purchasing counterfeit software doesn't only impact software manufacturers, it impacts everyone.
Innovation is slowed:
Intellectual property is the ownership of ideas as well as the control over the tangible or virtual representation of those ideas. Software is intellectual property, as are books, movies, and music. Like music performers and authors, software developers use copyright laws to protect their work and their investment in the field. The theft of intellectual property thus eliminates the resources used to develop newer and better products.
Consumers can take action by educating themselves on the different forms of piracy and reporting suspected software piracy offenders.
Available Mechanisms to Prevent Piracy:
The present art of piracy prevention is attained by the following mechanisms
• Legal Measures
• Serial Numbers and Internet Registration
• Dongles and Dongle Disks
• Microsoft's Product Activation
• Copy protected CDs
The following is a brief description of all the above mechanisms and the causes for their collapse.
Most countries have cyber law to punish piracy. In India there have been many actions reported against piracy. The government prevents piracy by conducting frequent raids searching for counterfeits and destroys them. When it comes to end user piracy, hard disk cloning and internet piracy all these laws are practically of no use. For most of the time it remains impossible to trace the criminals due to lack of technology on the government side. Even those cyber crimes reported in India are only proved suspects involved in porn web hosting. The e-mail spammers and file up-loaders remain without charge. Worldwide internet piracy is mostly spotlight on Russian and chez. Servers, where the U.S. long arm cannot extend its legal activities. For example http://www.astalavista.box.sk is a site hosted from a Scandinavian server, housing infinite links to cracks and serials. It also contains some cracks for Windows XP product activation.
Serial Numbers and Internet Registration
This was once an effective method to indicate that the software is genuine. Later this serial number was also accompanied with registration over the internet, which provides additional benefits like product support, updates and more. Since the serial is known to user, a buyer can share his serial with his friends and others for money. This leads to end user piracy and internet sharing of serials. There is software published by the cracking community which contains a database of serials for almost all software that is existent. Serials 2000 and Oskar2k2 are such tools from http://www.gully.com
Dongles and Dongle Disks
They are hardware solution for piracy. They are usually a piece of hardware that requires to always be plugged to your PC's valuable resource, the port. This most of the time wastes the PC's port preventing the connection of other peripherals. Some companies worked out a solution by providing communication to other peripherals by providing cascading interfaces, but this usually resulted in malfunction of printers and other connected peripherals. But they were easily emulated by port emulation programs written by the crackers. Aladdin knowledge systems developed an embedded controller based solution that is uncrackable, but there were emulators for HASPS, a legacy product of the company. Some crackers have reported that even their HASP4 architecture is cracked. The dongle disks are boot disks with some hidden information, but they were crackable. In spite of these methods being capable of preventing internet piracy they were generally viewed as unacceptable by customers and the industry as they have not been easy for the customers to use. Their main disadvantage was that they permanently occupied the port, the PC's most valuable resource.
Microsoft's Product Activation
Microsoft's Software acquired on new PCs sold by OEMs and those purchased from retailers will require activation. Those licensed in volumes require no activation. Customers required to activate their software must complete a simple, straightforward and anonymous activation process that takes less than one minute when completed over
the Internet. Activation can also be completed by telephoning Microsoft and speaking with a customer service representative. If activation is completed via the Internet, the product will take care of most of the work and will require very little user participation. If activation is completed by telephoning Microsoft, a customer service representative will assist with the activation. To make activation convenient, the products do not require activation immediately after installation, they allow a grace period. Activation is not product registration. The only information required to activate is an Installation ID created by the software. No personally identifiable information is required to activate. But this fact remains under doubt as many users suspect that Microsoft uses it as a way to invade the privacy of the users. The Microsoft Corporation has only denied this fact but has not proved its part. However, product Activation was cracked before the final Windows XP came out. The crack disables the activation by just setting a registry key. Now more than 1 million users around are the world are reported using Windows XP illegal distribution effectively. Now Microsoft tried to implement a strict procedure for the service pack 1 [SPl] for XP and that too was cracked and a number of cracks are available to make it install on those PCs using illegal version of XP. Any how, Microsoft and many others are working in this system for some possible improvements.
Copy protected CDs
Some companies worked out a solution for CD copy protection, stopping the counterfeit copies. They use a copy proof technology by writing a dumb data to the CD rendering it unusable for copying. This method is a recent one and does not check hard disk cloning and rental installations and illegal pre-bundling with new assembled PCs.
While such mechanisms help reduce illicit copying, they often cause other problems in the form of consumer inconvenience. The dongle, it monopolizes the computer port, preventing other peripherals to be connected. Another instance is the Product Activation, which requires an internet connection for use of the software. Accordingly, there remains a need for improved technology solutions to piracy and illicit use, while recognizing and accommodating the needs and practices of a legitimate purchaser.
3. OBJECT OF INVENTION
The primary object of the invention is to invent a system for preventing piracy or illegal use of software.
It is another object of the invention to invent a method for preventing piracy or illegal use of software.
Software piracy is a worldwide problem which negatively impacts software developers, resellers, support professionals, and most importantly, consumers. The major forms of piracy are casual copying, counterfeiting, and internet based illegal downloads. The said invention prevents most form of piracy by validating the computer information for authenticity during software run. The method and system are extremely hassle-free and does not require users to have internet, phone connection, more important is that the said invention do not monopolize computer resources and other facilities.
The system flexibility accommodates a situation in which the user upgrades limited hardware components in a computer with out creating a new machine. Should the user needs additional use for the software, the method provides through reconfiguration of the license by manufacturer.
The system provided stores information necessary for validation, secured from illicit activities, in an external memory key. The method is implemental at different levels of manufacture, setup and run of the software.
4. SUMMARY OF INVENTION
At the outset of the description which follows it is to be understood the ensuing descriptions only illustrate a particular form of this invention. However, such particular form is only an exemplary embodiment and without intending to imply any limitation on the scope of this invention. Accordingly, the description is to be understood as an exemplary embodiment and reading of the invention is not intended to be taken restrictively.
In the present invention, methods and a system are provided for enabling enforcement of software licenses, where the above described needs are assured. This invention concems an anti-piracy method and system that prevents the occasion for piracy and illegal use of software products; by requiring each software product to be set for a single computer that consists of a specific hardware composition.
In one aspect, the system provided includes an external memory key, a software product resident on a computer and information in secured area of local hard disk for future validations. The methods are provided to collect, validate and store the information of computer in a system comprising an external memory key.
If an unscrupulous user attempts to install the software product on other computer, this method will recognize a change in hardware composition and will self-lock and disable itself, thereby preventing its operation on the different computer.
The system consists of an external memory key that has a data storage EEPROM or Flash memory or the like, interfaced to the computer's port through an embedded controller that monitors all communication interfaces. The method is implemental at various levels of manufacture, setup and run. The method employed during manufacture configures the key for its maximum allowable installations. The method adopted in setup
validates the maximum uses and stores the information of the computer in the provided external memory key and in a secured area of the local hard disk. The method used for software run, is an application launching program, which validates the current computer's hardware composition with the information stored during installation, for execution of the software.
The method and system allows limited upgrade option for the user, where the system flexibility accommodates a situation in which the user upgrades limited, non-mandatory hardware components in a computer without creating a new machine.
The system also has facilities for reconfiguration of license through the manufacturer. That the invention advances over the drawbacks of the prior art and accomplishes the advantages described above will become apparent from the following detailed description of the exemplary embodiments and the appended drawings and claims.
5. A BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWING
The foregoing summary, as well as the following detailed description of the embodiments of the present invention, will be better understood when read in conjunction with the appended drawings. For the purpose of illustrating the invention, there are shown in the drawings embodiments which are presently preferred. As should be understood, however, the invention is not limited to the precise arrangements and instrumentalities shown. In the drawings:
FIGURE .1 of the drawings is a block diagram of an exemplary personal computer. FIGURE .2 of the drawings is a general block diagram of said external memory key.
FIGURE .3 of the drawings shows the general block diagram of said memory key configured for use with parallel port 8 interfaces.
FIGURE .4 of the drawings shows the general block diagram of said memory key configured for use with serial port 9 interfaces.
FIGURE .5 of the drawings shows the general block diagram of said memory key configured for use with USB port 10 interfaces.
FIGURE .6 of the drawings is a flow diagram of steps in a method for manufacturer to configure the said external memory key of FIGURES 2, 3, 4 and 5 for maximum installable systems.
FIGURE .7 of the drawings is a flow diagram of steps in a method for installation program to set the said external memory key of FIGURES 2, 3, 4 and 5 with generated Installation ID of the information gathered from current computer. The flow chart also shows the installation method validating the number of installed computers and maximum allowable installed computers for the installation to proceed.
FIGURE .8 of the drawings is a flow diagram of the steps in a method for software program to validate the current hardware configuration for the execution of software to proceed.
FIGURE .9 of the drawings show the screen shot of a user interface which facilitates the software manufacturer to configure the said external memory key of FIGURES 2, 3, 4 and 5 using the method of FIGURE .6.
FIGURE .10 of the diagrams show the screen shot of a user interface which is initiated by the setup program that uses the method of FIGURE .7. The screen shot also shows the program requesting the user to insert the said external memory key of FIGURE .3.
FIGURE .11 of the diagrams show the screen shot of a user interface that was initiated by a change is the system RAM 14. The screen shot also reveals the need for said memory key of FIGURES 2, 3, 4 and 5 to proceed.
FIGURE .12 of the diagrams shows hardware information as obtained from an Intel family P III 650 MHz consumer computer.
FIGURE .13 of the diagram shows a 40 bit Installation ID generated for the configuration of FIGURE .12 by hashing the information with repeated modulo and addition operations for storage in the said external memory key of FIGURES 2, 3, 4
and 5 and in a secured area of local hard disk drive 16.
FIGURE .14 of the diagram shows a sample webpage that offers major software as illegal downloads.
FIGURE .15 is a chart indicating the worldwide piracy rate for the years 1995 - 2000. Top 10 countries are also listed by piracy rate in the chart.
7. DETAILED DESCRIPTION OF THE INVENTION WITH REFERENCE TO DRAWING
Referring to the drawings in details, wherein like numerals are used to indicate elements throughout, FIGURE .1 and following discussion are intended to provide a brief, general description of an exemplary customer computer. While the invention will be described in the general context of software program that run on an operating system in conjunction with a computer, those expert in the art will appreciate that the invention also may be implemented in combination with other software components like program routines, data structures, data bases, etc. Moreover, those expert in art will recognize that the invention may be used with other computing systems, including hand-held devices, multiprocessor systems, microprocessor based or programmable consumer electronics, distributed computing environments, minicomputers, mainframe computers, and the like.
With reference to FIGURE .1 of the drawing, an exemplary system for implementing the invention includes a conventional computer, including a main board 1, with controllers for various components and system buses to control and interface system RAM 14 to the processing unit 13. The main board 1 also includes Basic Input Output System - BIOS, processor socket 2, RAM sockets 3, Diskette drive connector 4, IDE drive connector 5, networking raiser adaptor 6, Display adaptor connector 7, interface ports including parallel port 8, serial port 9, USB port connectors 10, PS/2 mouse connector 11, Keyboard connector 12, and the like components. The personal computer further includes an IDE connection cable 15 to connect magnetic hard disk drives 16, and/or a CD-ROM/CD-RW/DVD drive 17 to read/read-write a CD or DVD media 28. The Floppy diskette drive 18 is provided to read or write from the removable magnetic diskette 29. A display monitor 22 is connected to the connector 21 present in the display adaptor 19 that goes through in display adaptor connector 7. The computer may or may-not have network 20 connected to the network raiser connector 6. Other typical hardware
components connected to the main board through the interface ports are a parallel printer 23 connected to a parallel port 8, a modem 24 for internet connection, connected to serial port 9, the USB devices 25 connected to USB port connectors 10, the PS/2 mouse 27 connected to PS/2 mouse connector 11, while the keyboard 26 connects to the keyboard connector 12. The operating system which is the base for the application software initially resides in hard disk drive 16; when the computer completes its POST operation it gets loaded to the system RAM 14 and executes various processes that use the processor 13 and other system hardware resources. Although the description of computer readable media above refers to a hard disk 16, a removable magnetic diskette 29 and a CD-ROM/ CD-RW/ DVD 28 disk, it should be appreciated by those skilled in the art that other types of media which are readable by a computer, such as magnetic cassettes, flash memory cards, digital video disks, Bernoulli cartridges, and the like, may also be used in the exemplary computing envirormient.
METHOD AND SYSTEM:
HARDWARE SYSTEM - the said external memory key
Those problems of prior mechanisms detailed with the earlier discussion in background of invention, are solved by the present invention which provides a system that makes installations computer dependent. It also manages installations with the use of external memory key and newly proposed methods in the invention.
FIGURE .2 shows the general block diagram of the said external memory key, along with its interface through port 31 to the computer 30 as explained in preceding detail of FIGURE .1, includes an embedded controller 33 with internal program memory 38 to contain the program that manages the various operations of the key also it
encrypts the Installation ID before storage in the present storage memory like EEPROM or flash memory or the like 34 for security. The following discussion will refer an EEPROM for storage memory 34.The ports, CPU and Control Logic of the embedded controller, Drivers 37, Address Latch 35 and the Power supply unit 36 is as well shown. The said external memory key is also code named the 'X-Key', which will be referenced in some of the following discussions.
To prevent the cracking of the system, the embedded controller 33 is locked in tamper resistant mode and can be communicated only through the proposed software methods. The purpose of the microcontroller 33 is to provide a secure interface between EEPROM 34 and the software run from the computer. The microcontroller 33's real time program encrypts the data that will be stored in the memory and decrypts the data as and when required. The real time program of the microcontroller 33 is designed in such a way to handle interrupts, that on first read interrupt, gives the software with the maximum possible installation [value of INST_MAX variable] and further read interrupts would present the number of used ones [the value of INST count] and the Installation IDs of previously installed computers one by one, based on the INST count value. The write interrupt to the embedded controller 33 would accept the Installation ID and encrypt it before storing in the EEPROM 34. Such cryptic communication between the EEPROM 34 and the software increases the security and prevents any form of port emulations. Additionally the embedded controller 33 being in locked mode cannot be duplicated or hacked as the method of communication remains secure. Most embedded controllers have software chip erase facility, which can be used for this invention as a tool to erase the contents of internal program memory 38 on opening of the case that houses the removable memory key 32.
The block diagram of the said memory key organized for use with computer's parallel port 8 interface is presented in FIGURE .3. It uses a MCS 51 family microcontroller
41 for control and security. The drawing also shows the parallel port connector 39 that goes through the parallel port 8 interface of the computer 30. The connector is interfaced to the microcontroller 41 using line drivers 45.
The block diagram of the said memory key intended for use with computer's serial port 9 interfaces is presented in FIGURE .4. It uses a MCS 51 family microcontroller 48 for control and security. The drawing also shows the serial port connector 46 that goes through the serial port 9 interface of the computer 30. The connector is interfaced to the microcontroller 48 using RS-232 level converter interface IC 52.
The block diagram of the said memory key intended for use with computer's Universal Serial Bus [USB] port 10 interfaces is presented in FIGURE .5. It uses a USB controller 55 for control and security. The drawing also shows the USB port connector 53 that goes through the USB port 10 interface of the computer 30. The connector is interfaced to the USB controller 55 using USB interface IC 59. The said external memory key does not monopolize the computer port or slot as in the case of dongles, as the said external memory key is required only during installation and during emergencies initiated by computer upgrades.
The software methods proposed in this invention are basically grouped into three, [i] Manufacturer Program Method
[ii] Installation or setup Program Method
[iii] Application Launch program or software run program method. These methods are explained in detail.
[i] Manufacturer Program Method
FIGURE .6 shows a flow diagram of steps in a method for manufacturer to configure the said external memory key of FIGURES 2, 3, 4 and 5 for maximum installable systems [INST_MAX variable] and product key. It also sets the installation count [INST count] to zero. This information is encrypted and sent for storage in the set address as signified by step 61 of FIGURE .6. Now the said memory key becomes ready for commercial distribution with the software setup diskette 29 or CD-ROMs 28 as shown by step 62.
[ii] Installation or setup Program Method
FIGURE .7 illustrate a flow diagram of steps in a method for installation program to set the said external memory key of FIGURES 2, 3, 4 and 5 with generated Installation ID of the information gathered from current computer.
During installation from the software setup diskette 29 or CD-ROM 28 by the end user, step 64 gathers the information from the current computer while step 65 needs the external memory key to be plugged into the computer port. The software issues a read interrupt. The said memory key returns the details of INST counter, INST_MAX variable and; or product key if used. This information is stored in the computer's registers. Further reads from the said memory key returns the prior installation IDs if any, to the software to store in the computer's registers for fiirther validations.
The installation ID is a method of identification of the different hardware components of the computer. This ID is generated by gathering the following information from the user computer.
 Processor 13 Type [from the information of the CPU_ID of the processor 13]  Processor 13 Serial number.
 Main board 1 Type [specifies the manufacturer and chipset]  Hard disk drive 16 Type [specifies the model]  Hard disk drive 16 volume serial number.  Network Adaptor 6 [specifies the address and network card]  System RAM 14 Capacity [specified in MB, the type (SD/RD/DDR) is not needed]  Display Adaptor 19 [specifies the manufacturer and chipset model]  Display Monitor 22 Type [specifies the size of the monitor in inches]  Sound card type [specifies the manufacturer and model]
This information are reduced to a 40 bit installation ID of FIGURE .13 that is obtained by a one way hash operations of repeated modulo and addition, on the original 88 byte [704 bit] hardware information details of FIGURE .12. This hash, being one¬way, cannot be calculated backwards, thus this hashed 40 bit installation ID does not hurt privacy of end-user in any way and ensures a high level of complete anonymity.
More over even if the said memory key is lost, the information contained in it is secure and cannot be determined with any of the known mechanisms.
The algorithm for creation of Installation ID by one way hash is explained in text as follows. The serial number and type of processor 13 are the only information associated with processor 13. By repeated modulo and addition operations on these values till an 8 bit resultant is available is performed. This information forms the first 8 bits of the Installation ID of FIGURE .13. This is unique for a computer and a maximum of 256
combinations is possible for an estimated total of 100 million PCs currently in use. This prevents the possibility of backward calculations to identify a particular processor 13's serial number and type, hence secures privacy of user. But this 8 bit hash value will be always unchanged for particular processors that give support to distinguish a processor from another. The next 5 bits in the Installation ID of FIGURE .13 are the hashed details of main board 1 by repeated modulo and addition operations with a known constant value. The following 8 bits correspond to the hashed hard disk drive volume serial number and type details of the hard disk drivel6. The subsequent 5 bits in the Installation ID of FIGURE .13 are the hashed details of Network adaptor 6 by a known constant value. The 3 bits following it correspond to the system memory 14 hashed with respect to a known constant value. The subsequent 5 bits are those of display adaptor 19 hashed by a known constant value. The 3 bits following it in the Installation ID are those of display monitor 22 hashed with a known constant value. The remaining 3 bits correspond to the details of sound card hashed by repeated modulo and addition operations with a known constant value.
The current computer's above mentioned hardware composition information is gathered and a 40 bit installation ID is generated as shown in step 66. This is compared in step 67 with installation IDs gathered from the said memory key. If there is a match between these IDs; a reinstall is performed.
If they do not match; then based on the remaining installations available; the installation is performed and the current computer's installation ID is sent to the said memory key by issuing a write interrupt. This critical Installation ID is also stored in the secured area of local hard disk 16 that is not accessible to users by normal programming instructions.
The other form of securing the Installation ID is to append it to a program file in an encrypted manner, such that it is readable only by the application launch program instructions. The prior discussion is visible from the steps 68 to 74 of FIGURE .7.
For additional security and eliminating the possibilities of piracy, the user may be provided with a security serial number to keep with him. This security ID may be requested during emergency initiated due to computer hardware upgrade or reinstallation of software product.
[iii] Application Launch program or software run method
FIGURE .8 is a flow diagram of the steps in a method for software program to validate the current hardware configuration for the execution of software to proceed. This method is implemented as an application launch program that validates the current computer information for execution of software product.
The computer's hardware information details of FIGURE .12 are collected and a 40 bit Installation ID is generated similar to the sample of FIGURE .13 is explained in step 77. The Installation ID stored earlier in the secured area of local hard disk drive 16 is gathered with the use of special instructions as indicated in step 76.
The two IDs are compared for validation of whether the current computer is the one in which the software product was previously installed, as visible from steps 78 and 79.
Should there be a difference or the validation fail, a change in hardware is detected, the computer hardware is checked for compatibility for the following mandatory hardware components of.
 Processor 13 Type.
 Processor 13 Serial number.
 Main board 1 Type.
 Hard disk drive 16 Type.
 Hard disk drive 16 volume serial number.
 Network Adaptor 6.
The method proposed in the invention allows upgrade of the following non-mandatory hardware components,
 RAM 14.
 Display adaptor 19.  Display monitor 22.  Sound card.
As these are the hardware resource frequently upgraded by most users. Should these non-mandatory hardware components be upgraded; provided the mandatory hardware resources are not changed, and then a new installation ID is created, stored in the said external memory key and in the secured area of local hard disk 16.
If an unscrupulous user attempts to install the software product on other computer, this method will detect a change in Installation ID does not match with the mandatory hardware components, a piracy is detected and the execution of software aborted by the application launch program and will self-lock, thereby preventing its operation on the different computer. The customer is forced to contact the manufacturing authority for an upgrade in license.
The invention does not allow change of hard disk drive as a step to prevent hard disk cloning and hard disk loading, the most frequent methods of piracy among end-users. But it allows addition of a secondary or slave IDE hard disk drive with out any need of modification to the Installation ID as the invention is concerned with the primary master IDE hard disk drive 16 only.
Supposed that the user needs to install the software in more systems other than that the system license was intended, and then he has an option to reconfigure his license information by contacting the manufacturer. The manufacturer will be able to reconfigure the license details of the said memory key at a nominal fee using the method presented in FIGURE .6 by changing the INST_MAX variable alone leaving the INST count untouched.
As of FIGURE .9, shown is a screen shot of an user interface for a program used by software production company that gathers the details of maximum systems installable and security serial that will configure the said memory key as explained in block diagram of FIGURE .3
The FIGURE .10 is a screen shot of a user interface initiated by the setup program at end-user computer. The requisite for the said memory key is also visible from the drawing.
The screen shot of FIGURE .11 is initiated by the application launch program when detecting a change in the system RAM 14. This drawing also illustrates the need for the said memory key.
The salient features of the invention are detailed as follows,
• With this system the software is secured from piracy.
• The production of the said memory key is as well a cheap process as the said memory key is same for a single installation license and for an 8 million installation license with suitable interfaces and memory. The manufacturer has the complete control over digital rights management of the key license and reconfiguration at a nominal fee.
• The system prevents internet piracy as the said external memory key is a necessary requirement for the installation itself and illegal downloads does not guarantee an installation with out the key.
• The validation of system information with the use of application launch program prevents hard disk 16 copying and hard disk 16 cloning.
• The counterfeits of the installation CDROM 28 or setup diskettes 29 can be produced but the tamper proof external memory key cannot be duplicated; this inhibits the basic intention of piracy.
• The system cannot be cracked by port emulations as the embedded controller 33 in the said memory key also performs some of the encryption and decryption processes.
• The system does not monopolize the computer port 31 or slot as the said external memory key 33 is required only during setup and emergency.
• This method of software protection is not affected by system utilities or Operating system upgrades, as it is only computer hardware dependant and not OS dependant.
This invention is not a single 'Silver Bullet' solution to global piracy. It is however, significantly more sophisticated than past methods and is not easy for would-be pirates to circumvent. At the same time, it is simple and unobtrusive process for legal customers. The invention will help deter casual copying of software, which is by far the single most prevalent type of software piracy. It will also help dissuade some hard disk cloning, internet piracy and counterfeiting. It is designed to target sophisticated and organized criminal counterfeiters. The average cost of said external memory key 32 when produced in large volume is comparatively cheap. The need of external memory key effectively prevents Internet Piracy as emulating or duplicating the key is costly and is impossible with security features of the embedded controller enabled. The prime aim of this invention is not to create an un-crackable solution to piracy, if in any case piracy is possible by cracking the present invention, then the cost involved would naturally be higher than that of the retail software itself
The present invention has been described hitherto with exemplary preferred embodiment. It is understood that the scope of the present invention is not limited to the disclosed preferred embodiments. On the contrary it is intended to cover various modification and similar arrangement within the scope defined in the following appended claims. It should be understood that the foregoing pertains only to the preferred embodiments of the present invention, and that numerous changes may be made to the embodiment described herein without departing from the spirit and scope of the invention. The scope of the invention should be allowed broadest interpretation so as to encompass all such modifications and similar arrangements. Without further elaboration the forgoing will so fully illustrate the invention that others may be applying current or fiirther knowledge readily adopt the same for use and various conditions of service.
8. I claim,
1. A system for software piracy prevention comprising of Processor 13 Type, Processor 13 Serial Number, RAM 14 Capacity, Hard Disk 16 Capacity, Hard Disk Drive 16 Volume Serial Number, Main board 1 Type, Network Adaptor 6 Address, Display Adaptor 19 , Sound Card and Display Monitor 22 Type, uses an external removable memory key 32; to provide additional protection by storing the above information in it^inbuilt memory 34 in an encrypted format to restrict unauthorized installations and internet piracy, the manufacturer sets the maximum installable computers during configuration of the key at the manufacturing process, the key is also distributed along with the software installation CD-ROM 28 or the setup Diskette 29, during installation by the end user, the computer information is .gathered, encrypted and stored in the provided external memory key, a copy of this encrypted information is stored at the secured area of the user's hard disk drive 16 for future checks and after the installation of software; during execution; the application launching program validates the existing computer's configuration information by comparing with the previously stored local information in secured area in hard disk drive 16; for execution of the software, when it substantially is different, a change in computer's hardware is detected and is cross checked with the external memory key, this prevents hard disk, loading of software to another computer.
2. A method for software piracy prevention using the validation of information of Processor 13 Type, Processor 13 Serial Number, RAM 14 Capacity, Hard Disk 16 Capacity, Hard Disk Drive 16 Volume Serial Number, Main board 1 Type, Network Adaptor 6 Address, Display Adaptor 19, Sound Card and Display Monitor 22 Type, the said method uses an external removable memory key 32^ "the methods include Manufacturer Program method (FIGURE .6), Installation or setup method (FIGURE .7) and Application Laungh prog;"am or software run program method (FIGURE .8)
3. A system for software piracy prevention using the validation of information as claimed in CLAIM 1; allows software installation to be computer specific and insure a legitimate installation.
4. A system for software piracy prevention using the validation of information as claimed in CLAIM 1; uses an external memory key 32; which includes an embedded controller 33, «« storage memory 34 in the form of EEPROM or flash memory or the like, interface drivers 37 and power supply unit 36. the embedded controller 33 has an internal program memory 38 which house a real time program to aid in communication between software and storage memory 34 in a secured fashion, also the program accomplishes the read and writes operations of storage memory which encrypt and decrypt the contents for secured transfer and handle interrupts.
5. A system for software piracy prevention using the validation of information as claimed in CLAIM 1; where in the production of the said external memory key 32 claimed in CLAIM 4 is by an economical process and the key can be configured for a maximum of 8 million installations with proper interface and memory.
6. A system for software piracy prevention using the validation of information as claimed in CLAIM 1; where in the counterfeits of the installation CD-ROM 28 or setup diskette 29 can be produced but the tamper proof said external memory key 32 claimed in CLAIM 4 cannot be duplicated.
7. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the method has instructions for manufacturer to configure the said memory key 32 by connecting memory key to port at manufacturer's computer, setting the maximum number of usable systems, remove after configuration and pack it with the software distribution package.
8. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the method has instructions for setup or installation program to set the said external memory key 32 with generated Installation ID of the information gathered from current computer and then to install the software in the user computer if it passes validations for computer hardware composition.
9. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the method has instructions for setup or installation program to abort Installation of the software in the user computer if it fails in the validation for computer hardware composition and with the maximum Installable limit already attained.
10. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the method has instructions for setup or installation program to perform reinstallation of the software in the user computer if the current computer is identified as a computer in which the software installed earlier and with the maximum Installable limit is not a consideration.
11. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the method has application launch program which validates the system information had hard disk 16 copying and hard disk 16 was cloned; for execution of the software product.
12. A system for software piracy prevention using the validation of information as claimed in CLAIM 1; where in the system cannot be cracked by port emulations as the embedded controller 33 in the said external memory key 32 performs encryption and decryption process for secured data transfer.
13. A system for software piracy prevention using the validation of information as claimed in CLAIM 1; where in the system does not monopolize a computer port 31 or slot as the said external memory key 32 is required only during installation and emergency.
l^A system for software piracy prevention using the validation of information as claimed in CLAIM 1; where in the system and method are independent of Operating System; as all Operating Systems have port interfaces and only the software requires to be written for that particular Operating System.
15. A system for software piracy prevention using the validation of information as claimed in CLAIM 1; where in the system has highly robust encryption schemes and the said encryption is stream chipper.
10. A method for software piracy prevention using validation of information as claimed in CLAIM 2; where in the Installation ID is stored in a secured area in the user's hard disk drive 16 for future validations and software runs.
17. A system for software piracy prevention using the validation of information as claimed in CLAIMyZ*, where in the key for implementing try - out and demo based on time or number of uses.
18. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the software protection which is not effected by the utilities or Operating System upgrades as the method is only computer hardware depended and not Operating System depended.
19. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the method allows upgrade the non-mandatory components of system RAM 14, display adapter 19; sound card and display monitor 22.
20. A method for software piracy prevention using the validation of information as claimed in CLAIM 2; where in the method requires the mandatory components of processor 13, main board 1, hard disk drive 16 and network adaptor 6 to remain unchanged for operation.
21. A system for software piracy prevention using the validation of information as
claimed in CLAIM 1; where in the system allow addition of secondary or slave
hard disk drive without any modification to installation ID.
22. A system for software piracy prevention using the validation of information as
claimed in CLAIM 1, 2, 3, 12, 13, 14, 15, 17, 21 and external removable
memory key 32 claimed by CLAIM 4, 5, and 6 as described in this complete
23. A method for software piracy prevention using the validation of information as
claimed in CLAIM 1, 7, 8, 9, 10, 11, 16, 18, 19, 20 and external removable
memory key 32 claimed by CLAIM 4, 5, and 6 as described in this complete
|Indian Patent Application Number||903/MAS/2002|
|PG Journal Number||30/2009|
|Date of Filing||03-Dec-2002|
|Name of Patentee||G. KALYANA SUNDARAM|
|Applicant Address||STUDENT OF B.E. - THIAGARAJAR COLLEGE OF ENGINEERING, PT. NO. 11, A.R. THOPE-FIRST STREET, MADURAI - 625 003.|
|PCT International Classification Number||G06F19/00|
|PCT International Application Number||N/A|
|PCT International Filing date|