CN106529216A - Software authorization system based on public storage platforms and software authorization method - Google Patents
Software authorization system based on public storage platforms and software authorization method Download PDFInfo
- Publication number
- CN106529216A CN106529216A CN201610955892.XA CN201610955892A CN106529216A CN 106529216 A CN106529216 A CN 106529216A CN 201610955892 A CN201610955892 A CN 201610955892A CN 106529216 A CN106529216 A CN 106529216A
- Authority
- CN
- China
- Prior art keywords
- authorization
- software
- platform
- management end
- empowerment management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000013475 authorization Methods 0.000 claims abstract description 124
- 230000008569 process Effects 0.000 claims description 13
- 230000006854 communication Effects 0.000 claims description 11
- 238000004891 communication Methods 0.000 claims description 9
- 230000000694 effects Effects 0.000 claims description 6
- 230000006870 function Effects 0.000 claims description 6
- 238000004458 analytical method Methods 0.000 claims description 5
- 230000003993 interaction Effects 0.000 claims description 5
- 238000012423 maintenance Methods 0.000 abstract description 4
- 238000013461 design Methods 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000005336 cracking Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 235000017166 Bambusa arundinacea Nutrition 0.000 description 1
- 235000017491 Bambusa tulda Nutrition 0.000 description 1
- 241001330002 Bambuseae Species 0.000 description 1
- 235000015334 Phyllostachys viridis Nutrition 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 239000011425 bamboo Substances 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000004899 motility Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000012827 research and development Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/107—License processing; Key processing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Remote Sensing (AREA)
- Radar, Positioning & Navigation (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a software authorization system based on public storage platforms and a software authorization method. The software authorization system comprises an authorization management end, an authorization information database, the public storage platform and an authorization client. The public storage platforms are divided into a plurality of function platforms such as a log platform, a registration platform and an authorization platform, according to function differences. According to the technical scheme of the system and the method, a software developer can employ relatively secure network authorization service without software development cost, hardware investment and maintenance cost.
Description
【Technical field】
The present invention relates to computer software authorization method, more particularly to the software authorization system based on common storage platform and
Software authorization method.
【Background technology】
With the all-round popularization of " the Internet+", all kinds of small tools and application software are gushed out such as spring bamboo.These instruments are for I
Routine work, life there is provided great convenience while, soft ware authorization and copyright management are also faced with very big challenge.
Some classical business softwares, often put into single hardware device, develop proprietary authorization server program, build
Complete authorization service, the software to issuing are authorized and are managed.With these business softwares except that, it is such it is small-sized should
The innovation point generally comprised with software is more single, and not there is developer more resource and energy to be used for soft ware authorization pipe
The exploitation of reason system.And the economic benefit brought of instrument is less compared to special authorization service, input and output are put into.
For these reasons, for example, the application that all kinds of needs at present in Android and IOS is using shop are paid, mostly adopts and pays
The mode that expense is downloaded is authorized, so since, authorize with motility.
Traditional network authorization will be registered or authorization message is stored in remote authorization server end, and can be by crucial calculation
Method is separated with software.In treating licensed software running, authority checking can be carried out by irregularly interacting with service end,
The operation action of software is determined with this result.
The difficulty for inversely cracking is increased using network authorization, while soft ware authorization behavior can be also obtained, to some exceptions
Mandate carries out flexible management so that extending and disable mandate becomes more convenient.However, designing and developing complete network authorization
Service, not only increases the hardware input at authorization service end, also increases research and development and the maintenance cost of software developer.In addition,
Generally, common software developer with security classes be not served by develop domain knowledge, if it cannot be guaranteed that its
The authorization service of the design safety of itself, then, the soft ware authorization of realization will also become a mere formality.
Soft ware authorization control technology research of the document based on e-mail system and MD5 algorithms and realization [J]. computer should
With with software, 2003,20 (9):72-74.Wherein design a kind of using E-Mail storage authorization messages, realize that soft ware authorization takes
Business, there are the following problems for it:
First, it is not a kind of network authorization pattern.It does not only have local authority or authority in software
When invalid, access mandate E-Mail downloads authority.And real proof procedure afterwards, only access the mandate text for generating
Part.Therefore, storage media of the E-Mail in authorization verification process only as authorization message distribution, and actually soft ware authorization process
It is then to be realized by local authority.
Secondly, safety is poor.The method that it does not refer to checking effect duration, simple point, attacker is by changing system
The system time just can reach the purpose for cracking.Go deep into a little, the E-Mail accounts of access and password, and whether communication process is encrypted
Undeclared, attacker can construct the mandate E-Mail of falseness.Deeper into some, attacker can treat licensed software not destroying
Integrity in the case of, write register machine software, generate authority, obtain permanent authorization service.
【The content of the invention】
To solve the above problems, the invention provides a kind of software authorization system and software based on common storage platform is awarded
Power method, the model are based on common storage platform, authorization message are protected using encryption method, realize that soft ware authorization takes
Business, on the premise of software developer can be put into 0 development cost and 0 hardware, using safer, flexible soft ware authorization pipe
Reason service.
The purpose of the present invention is achieved through the following technical solutions:
A kind of software authorization system based on common storage platform, including empowerment management end, authorization message data base are public
Storage platform and authorized client;
Empowerment management end is used by software developer, for entering to client key, soft ware authorization and common storage platform
Row management;
The software users registration of authorization message database purchase empowerment management end pipe reason and authorization message, common storage platform
Account data;
Difference of the common storage platform according to its function is daily record platform, register platforms and authorizes platform;Daily record is put down
The log information that platform is used for during logging software client authorization;Register platforms receive software registration information, empowerment management end
Authorization message is generated according to which;Platform is authorized to be used to store soft ware authorization information;
Authorized client is embedded in treating licensed software, is interacted with common storage platform in software development phase, is realized
The acquisition and checking of soft ware authorization information.
Further, common storage platform is the memory space of publicly accessible free or charge, using puppy parc
Or special purpose interface provides a user with storage service.
Further, common storage platform includes but is not limited to the Web Server such as E-Mail, FTP, microblogging and blog space
Service, and the various network cloud disks based on cloud storage.
Further, empowerment management end at least has reading and writing and deletes authority to common storage platform;Authorized client is to day
Will platform and register platforms at least write permission, for authorizing platform then at least read right.
Further, empowerment management end and authorized client use the integrity of interaction data between encryption method protection, it
Each possess a pair of authorization keys and Public key;Wherein encryption method can use asymmetric or symmetric encryption method, use
During asymmet-ric encryption method, authorization key and Public key are respectively respective private key and public key;During using symmetric encryption method,
Authorization key is identical with Public key.
Further, empowerment management end is to authorizing the authorization message stored in platform to use the authorization key at empowerment management end
It is encrypted with authorized client Public key, to ensure that authorization message cannot be forged or distort.Authorized client is using awarding
The public-key encryption log-on message and log recording of power management end, is separately sent to register platforms and daily record platform afterwards.
Further, the data interaction between empowerment management end and authorized client and common storage platform, using public
The SSL secure communications links provided by storage platform ensure the integrity of communication data.
Based on the software authorization method of common storage platform, comprise the following steps:
(1). registration request:Treat that licensed software is sent to log-on message in register platforms by authorized client, wherein
The address of register platforms and account list pass through empowerment management end authorization keyIt is stored in authorized client after encryption;Send out
The log-on message sent then uses empowerment management end Public keyEncryption;
(2). location registration process:Empowerment management end receives log-on message, generates authorization message and authority respectively, and by this
A little information Stores are in authorization message data base;
(3). authorization message is distributed:Authorization message is sent to mandate platform by empowerment management end, and authorization message is using mandate
Management end authorization keyIt is encrypted;
(4). authority is distributed:Authority is sent to software users by empowerment management end, is deposited in and is treated licensed software
In storage system, authority uses empowerment management end authorization key Ks- and authorized client Public keyWith carry out plus
It is close;
(5)Authorization message is obtained:When licensed software runs, authorized client access mandate platform, after obtaining encryption
Authorization message;
(6). authority checking:After authorized client obtains the authorization message encrypted, using empowerment management end Public key
With the authorization key of itselfDecryption, obtains the authorization message of plaintext;Got Date by standard time service device afterwards
And the time, the effect duration in authorization message is verified, authority checking is carried out;Last authorized client returns checking to treating licensed software
As a result, determine the follow-up behavior of software;
(7). daily record writes:After the completion of registering every time or authorizing, operating result, software and client are believed by authorized client
Breath, is sent to after encryption in daily record platform;
(8). log analysis and management:The behavior recorded by daily record by empowerment management end, the service condition of analysis software.
The present invention has advantages below:
(1)Software and hardware expense is little
Using the software authorization system of model realization of the present invention, using free common storage platform storage authorization message,
Therefore hardware and its maintenance cost need not be put into.It is in terms of software overhead, it is only necessary on stream, authorized client is embedding
Enter and treat licensed software, platform relevant parameter, such as platform accounts information and management end Public key etc. are set.Without concern
Exploitation, deployment and the maintenance work of empowerment management.
(2)Communication and data encryption
Current conventional common storage platform, provides safe communication connection mode mostly, such as SSL, SFTP,
HTTPS etc., is directly connected using these, is just capable of achieving communication procedure data encryption, it is ensured that data integrity.
Further, since the related data amount such as authorization message is less, the data being stored in platform can use asymmetric adding
Close mode, it is ensured that while data safety, affects less to licensing process by the time overhead that encryption is produced.
(3)Autgmentability is high
Common storage platform reliability is higher, and can support larger concurrent, for example, support to access identical HTTP simultaneously
The client terminal quantity of the page, or while the number of users signed in in ftp server can have a lot.Therefore, using the present invention
The software authorization system of realization, can pass through the account quantity of expansion platform, reach support comparatively high amts authorized client while visiting
The purpose asked.
(4)Higher network authorization service safe performance
The software authorization system based on common storage platform of present invention design, compared with traditional network authorization model
Compared with not losing the safety and reliability of service.And the concentrating type service and skill due to common storage platform service provider
Art is accumulated, the authorization service that performance of the present invention in terms of ddos attack is resisted even more voluntarily is built better than developer.
【Description of the drawings】
Fig. 1 is the system structure and workflow schematic diagram of the present invention;
Fig. 2 is empowerment management end functional framework figure in embodiment;
Fig. 3 is authorized client functional framework figure in embodiment;
Fig. 4 be embodiment in treat licensed software authority checking flow chart.
【Specific embodiment】
Technical solution of the present invention is clearly and completely described below in conjunction with embodiment, it is clear that described enforcement
Example is only a part of embodiment of the invention, rather than the embodiment of whole.Based on the embodiment in the present invention, the common skill in this area
All other embodiment that art personnel are obtained under the premise of creative work is not made, should all belong to the model of present invention protection
Enclose.
The present invention's mainly includes 5 modules based on the software authorization system 100 of common storage platform, as shown in Figure 1.Bag
Include empowerment management end 101, authorization message data base 102, common storage platform 103 and authorized client 104;It is described public to deposit
Difference of the storage platform 103 according to its function, is divided into daily record platform 1031, register platforms 1032 and authorizes platform 1033;Daily record is put down
The log information that platform 1031 is used for during logging software client authorization;Register platforms 1032 receive software registration information, award
Power management end 101 generates authorization message according to which;Platform 1033 is authorized to be used to store soft ware authorization information;
Three class platforms in dotted line frame are by means of existing common storage platform 103, such as E-Mail, FTP, Web
The data such as Server etc., registration, mandate and daily record in storage and exchange licensing process.Empowerment management is carried out by software developer
Control, the distribution to client key, authorization message and common platform are managed.In figure, numeral is suitable for working-flow
Sequence;Data message and the key for possessing that italics content in each module is stored by respective modules.
It is described in detail below:
Empowerment management end 101:The mandate of software and various common platform accounts can be managed;
Register platforms 1032:It is mainly used in receiving new user's registration information, software developer is generated according to these contents
Authorization message;
Authorize platform 1033:Authorization message is stored, for treating that licensed software reads, verifies;
Daily record platform 1031:Record authorized client carries out authorizing log information when accessing, for software developer to this
Software users behavior is analyzed, in this, as empowerment management foundation;
Authorized client 104:It is embedded in software development process in software to be authorized, it is flat with registration, mandate and daily record
Platform is interacted, and realizes normal soft ware authorization function.
Data module
Explanation the present invention workflow before, first used in introducing system it is several to key and critical data letter
Breath.
Empowerment management end key:Including a pair of authorization keysAnd Public keyAuthorization key is only at empowerment management end
101 use, and Public key is attached in each authorized client 104.
Authorized client key:Each 104 a pair of authorization key of authorized clientAnd Public keyAuthorization key
It is stored in authority, Public key is stored in authorization message data base 102.
Communication key:Communication process sets up SSL connections by the certificate provided by common platform, and the present invention is not carried out to which
Limit and manage.
Log-on message(reg_info):There is provided by authorized client 104, mainly include software runtime environment identification code, with
And user basic information, such as user name, registration mailbox etc..
Authorization message(auth_info):Generated according to log-on message by empowerment management end 101, be stored in mandate platform
In 1033.Including software identification code, authorized client identification code, authorize the contents such as effect duration.
Authority(auth_file):Generated by empowerment management end 101, send and be stored in and treat that licensed software is locally deposited
Storage system.Authorization key comprising authorized client 104Authorize address and account information of platform 1033 etc..
Workflow
The overall workflow of the present invention can be divided into registration, warrant distributing, authority checking, four part of log recording.Connect down
Come, with the order identified by numeral in Fig. 1, each flow process of the present invention is introduced.Wherein, the data interaction of each flow process,
Carried out using the communication link of SSL encryption.
Registration process
1. registration request.Treat that licensed software is sent to log-on message in register platforms 1032, wherein register platforms 1032
Address and account list by the authorization key at empowerment management end 101It is stored in after encryption in authorized client 104.Send out
The log-on message sent then uses its Public keyEncryption.
2. location registration process.Empowerment management end 101 receives log-on message, generates authorization message and authority respectively, and will
These information Stores are in authorization message data base 102.
Warrant distributing
3. authorization message distribution.Authorization message is sent to mandate platform 1033 by empowerment management end 101, and authorization message is used
The Public key of the authorization key and authorized client 104 at empowerment management end 101 is encrypted.
4. authority distribution.Authority is sent to into software users, is deposited in treating licensed software storage system.Award
Power file is encrypted using the authorization key at empowerment management end 101.
Authority checking
5. authorization message is obtained.When licensed software runs, 104 access mandate platform 1033 of authorized client is obtained and is added
Close authorization message.
6. authority checking.After authorized client 104 obtains the authorization message encrypted, using the public of empowerment management end 101
Key and itself authorization key are decrypted, and obtain the authorization message of plaintext.Got Date by standard time service device afterwards
And the time, the effect duration in authorization message is verified, authority checking is carried out.Last authorized client 104 is returned to treating licensed software
The result, determines the follow-up behavior of software.
Log recording
7. daily record write.After the completion of registering every time or authorizing, operating result, software and client are believed by authorized client 104
Breath, is sent to after encryption in daily record platform 1031.
8. log analysis and management.The behavior recorded by daily record by empowerment management end 101, the use feelings of analysis software
Condition.For example whether there is malice crack, in this, as the foundation of empowerment management.
Below in conjunction with the accompanying drawing in the embodiment of the present invention, from free FTP as common storage platform, and using non-
Symmetric cryptosystem is described to technical scheme as encryption method.
1. empowerment management end
Fig. 2 show the functional structure chart at empowerment management end 101 in embodiment, and client layer includes that software developer is used
Concrete function, for example common storage platform account management, soft ware authorization management, au-thorization log analysis etc..Interface layer is carried upwards
For the interface of data in a set of operation common storage platform.
(1)Database table structure
In the embodiment, authorization database selects Microsoft Access, mainly includes two tables of data, such as table 1 and 2
It is shown.
1 platform information table of table
2 authorization message table of table
Field | Type | Size | Explanation |
Aid | Automatic numbering | Long | Record ID |
Lpid | Numeral | Long | Association daily record platform ID |
Rpid | Numeral | Long | Association register platforms ID |
Apid | Numeral | Long | Association authorizes platform ID |
Ackey | Text | 255 | Public key |
Askey | Text | 255 | Authorization key |
Astatus | Numeral | Integer | Licensing status |
Ardate | Date/time | Regular dating | Last on-line time |
Aedate | Date/time | Regular dating | Authorize expired time |
(2)Platform management
Platform management mainly manages the account information of common storage platform, including newly-increased, modification and deletion platform address, uses
Name in an account book and password etc..
(3)Registration management
After receiving new log-on message, it is its distribution common storage platform account, and generates random encryption key pair.
Generate authorization message and authority afterwards respectively, and by these information Stores in authorization message data base 102.To finally award
The write of power information authorizes platform 1033.
(4)Log analysis
Empowerment management end 101 obtains log information from daily record platform automatically, for software developer to the software users behavior
It is analyzed, in this, as empowerment management foundation.
(5)Empowerment management
After the completion of registration, software developer can dynamic management licensing status and effect duration etc..
2. authorized client
Authorized client sends log-on message to register platforms 1032 in the case of unregistered.After completing registration, from mandate
Platform 1033 obtains authorization message, and is verified.In registration and licensing process, daily record platform 1031 is sent the logs to.
Fig. 3 is the functional structure chart of authorized client 104 in embodiment, and client layer is the tool that authorized client 104 is used
Body function, interface layer provide the interface of data in operation common storage platform upwards.
Fig. 4 is that authorized client 104 carries out registering the workflow diagram with authority checking.After checking terminates, mandate is tested
Card result is informed and treats licensed software, and software will determine follow-up operation behavior according to the result.
The above is the preferred embodiment of the present invention, by described above content, the related work of the art
Personnel can carry out various improvement and replacement on the premise of without departing from the technology of the present invention principle, and these improve and replace
Should be regarded as protection scope of the present invention.
Claims (8)
1. a kind of software authorization system based on common storage platform, it is characterised in that:Including empowerment management end (101), authorize
Information database (102), common storage platform (103) and authorized client (104);
Empowerment management end (101) is used by software developer, for flat to authorized client key, soft ware authorization and common storage
Platform carries out (103) management;
Software users registration that authorization message data base (102) storage empowerment management end (101) manages and authorization message, public deposit
Storage platform account information;
Difference of the common storage platform (103) according to its function, be divided into daily record platform (1031), register platforms (1032) and
Authorize platform (1033);Daily record platform (1031) is for the log information in logging software licensing process;Register platforms (1032)
Software registration information is received, empowerment management end (101) generate authorization message according to which;Platform (1033) is authorized to award for storing software
Power information;
Authorized client (104) is embedded in treating licensed software, is handed over common storage platform (103) in software development phase
Mutually, the acquisition and checking of soft ware authorization information are realized.
2. the software authorization system based on common storage platform as claimed in claim 1, it is characterised in that:Common storage platform
(103) it is publicly accessible free or charge memory space, is provided a user with using puppy parc or special purpose interface
Storage service.
3. the software authorization system based on common storage platform as claimed in claim 1, it is characterised in that:Common storage platform
(103) the including but not limited to Web Server such as E-Mail, FTP, microblogging and blog space services, and it is various based on cloud storage
Network cloud disk.
4. the software authorization system based on common storage platform according to claim 1, it is characterised in that:Empowerment management end
(101) at least there are to common storage platform (103) reading and writing and authority is deleted;Authorized client (104) is to daily record platform
(1031) and register platforms (1032) at least write permission, for authorizing platform (1033) then at least read right.
5. the software authorization system based on common storage platform according to claim 1, it is characterised in that:Empowerment management end
(101) and authorized client (104) using encryption method protection between interaction data integrity, empowerment management end (101) and
Authorized client (104) each possesses a pair of authorization keys and Public key, and wherein encryption method is encrypted for asymmetric or symmetric
Method, during using asymmet-ric encryption method, authorization key and Public key are respectively respective private key and public key;Added using symmetrical
During decryption method, authorization key is identical with Public key.
6. the software authorization system based on common storage platform according to claim 1, it is characterised in that:Empowerment management end
(101) to authorizing the authorization message stored in platform (1033) to use empowerment management end (101) authorization key and authorize client
End (104) Public key is encrypted, to ensure that authorization message cannot be forged or distort;Authorized client (104) is used and is awarded
Power management end (101) public-key encryption log-on message and log recording, be separately sent to afterwards register platforms (1032) and
Daily record platform (1031).
7. the software authorization system based on common storage platform according to claim 1, it is characterised in that:Empowerment management end
(101) data interaction and between authorized client (104) and common storage platform (103), using common storage platform
(103) the SSL secure communications links for being provided ensure the integrity of communication data.
8. the software authorization method based on claim 1 system, it is characterised in that comprise the following steps:
(1). registration request:Treat that log-on message is sent to register platforms (1032) by authorized client (104) by licensed software
In, the wherein address of register platforms (1032) and account list passes through empowerment management end (101) authorization keyPreserve after encryption
In authorized client (104);The log-on message for sending out then uses empowerment management end (101) Public keyEncryption;
(2). location registration process:Empowerment management end (101) receives log-on message, generates authorization message and authority respectively, and will
These information Stores are in authorization message data base (102);
(3). authorization message is distributed:Authorization message is sent to mandate platform (1033) by empowerment management end (101), and authorization message makes
With empowerment management end (101) authorization keyIt is encrypted;
(4). authority is distributed:Authority is sent to software users by empowerment management end (101), is deposited in and is treated licensed software
In storage system, authority uses empowerment management end (101) authorization keyWith the Public key of authorized client (104)Be encrypted;
(5). authorization message is obtained:When licensed software runs, authorized client (104) access mandate platform (1033) is obtained
Authorization message after encryption;
(6). authority checking:It is after authorized client (104) obtains the authorization message encrypted, public using empowerment management end (101)
KeyWith authorized client (104) authorization keyDecryption, obtains the authorization message of plaintext;Taken by the standard time afterwards
Business device gets Date and the time, verifies the effect duration in authorization message, carries out authority checking;Last authorized client
(104) to licensed software return the result is treated, determine the follow-up behavior of software;
(7). daily record writes:After the completion of registering every time or authorizing, operating result, software and client are believed by authorized client (104)
Breath, is sent to after encryption in daily record platform (1031);
(8). log analysis and management:The behavior recorded by daily record by empowerment management end (101), the use feelings of analysis software
Condition.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610955892.XA CN106529216B (en) | 2016-10-27 | 2016-10-27 | Software authorization system and software authorization method based on public storage platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610955892.XA CN106529216B (en) | 2016-10-27 | 2016-10-27 | Software authorization system and software authorization method based on public storage platform |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106529216A true CN106529216A (en) | 2017-03-22 |
CN106529216B CN106529216B (en) | 2022-04-22 |
Family
ID=58325509
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610955892.XA Active CN106529216B (en) | 2016-10-27 | 2016-10-27 | Software authorization system and software authorization method based on public storage platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106529216B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106934261A (en) * | 2017-03-31 | 2017-07-07 | 山东超越数控电子有限公司 | A kind of storage of license information and extracting method based on database |
CN109241705A (en) * | 2018-08-29 | 2019-01-18 | 中科鼎富(北京)科技发展有限公司 | A kind of software authorization method and system |
CN109584002A (en) * | 2018-11-24 | 2019-04-05 | 深圳市晓舟科技有限公司 | Shopping recommender system |
Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20010034712A1 (en) * | 1998-06-04 | 2001-10-25 | Colvin David S. | System and method for monitoring software |
CN101860525A (en) * | 2009-09-25 | 2010-10-13 | 深圳市安捷信联科技有限公司 | Realizing method of electronic authorization warrant, intelligent terminal, authorization system and verification terminal |
CN103078858A (en) * | 2012-12-31 | 2013-05-01 | 上海同岩土木工程科技有限公司 | Web service and signature certificate-based software trial authorization method |
CN103152336A (en) * | 2013-02-22 | 2013-06-12 | 浪潮电子信息产业股份有限公司 | Distributed authorization and authentication method in cloud computing environment |
CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
CN103906054A (en) * | 2012-12-28 | 2014-07-02 | 上海农业信息有限公司 | Method and system for authorization of software function modules of internet of things |
CN104050397A (en) * | 2013-03-11 | 2014-09-17 | 钱景 | Method and system for controlling and managing software |
US20150082025A1 (en) * | 2012-02-27 | 2015-03-19 | Nachiket Girish Deshpande | Authentication and secured information exchange system, and method therefor |
CN104601551A (en) * | 2014-12-25 | 2015-05-06 | 重庆森鑫炬科技有限公司 | Security verification system for software product |
CN104700002A (en) * | 2013-12-05 | 2015-06-10 | 航天信息软件技术有限公司 | Software protecting, authorizing and registering method |
CN105025012A (en) * | 2015-06-12 | 2015-11-04 | 深圳大学 | An access control system and an access control method thereof oriented towards a cloud storage service platform |
-
2016
- 2016-10-27 CN CN201610955892.XA patent/CN106529216B/en active Active
Patent Citations (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20010034712A1 (en) * | 1998-06-04 | 2001-10-25 | Colvin David S. | System and method for monitoring software |
CN101860525A (en) * | 2009-09-25 | 2010-10-13 | 深圳市安捷信联科技有限公司 | Realizing method of electronic authorization warrant, intelligent terminal, authorization system and verification terminal |
US20150082025A1 (en) * | 2012-02-27 | 2015-03-19 | Nachiket Girish Deshpande | Authentication and secured information exchange system, and method therefor |
CN103906054A (en) * | 2012-12-28 | 2014-07-02 | 上海农业信息有限公司 | Method and system for authorization of software function modules of internet of things |
CN103078858A (en) * | 2012-12-31 | 2013-05-01 | 上海同岩土木工程科技有限公司 | Web service and signature certificate-based software trial authorization method |
CN103152336A (en) * | 2013-02-22 | 2013-06-12 | 浪潮电子信息产业股份有限公司 | Distributed authorization and authentication method in cloud computing environment |
CN104050397A (en) * | 2013-03-11 | 2014-09-17 | 钱景 | Method and system for controlling and managing software |
CN103491097A (en) * | 2013-09-30 | 2014-01-01 | 华中师范大学 | Software authorization system based on public key cryptosystem |
CN104700002A (en) * | 2013-12-05 | 2015-06-10 | 航天信息软件技术有限公司 | Software protecting, authorizing and registering method |
CN104601551A (en) * | 2014-12-25 | 2015-05-06 | 重庆森鑫炬科技有限公司 | Security verification system for software product |
CN105025012A (en) * | 2015-06-12 | 2015-11-04 | 深圳大学 | An access control system and an access control method thereof oriented towards a cloud storage service platform |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106934261A (en) * | 2017-03-31 | 2017-07-07 | 山东超越数控电子有限公司 | A kind of storage of license information and extracting method based on database |
CN109241705A (en) * | 2018-08-29 | 2019-01-18 | 中科鼎富(北京)科技发展有限公司 | A kind of software authorization method and system |
CN109584002A (en) * | 2018-11-24 | 2019-04-05 | 深圳市晓舟科技有限公司 | Shopping recommender system |
Also Published As
Publication number | Publication date |
---|---|
CN106529216B (en) | 2022-04-22 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110599147B (en) | Ciphertext retrieval fair payment method and system based on block chain | |
Di Pietro et al. | A blockchain-based trust system for the internet of things | |
CN103563294B (en) | Certification and authorization method for cloud computing platform security | |
CN101207485B (en) | System and method of unification identification safety authentication for users | |
CN107682331A (en) | Internet of Things identity identifying method based on block chain | |
CN103152179A (en) | Uniform identity authentication method suitable for multiple application systems | |
CN103179134A (en) | Single sign on method and system based on Cookie and application server thereof | |
CN104718526A (en) | Secure mobile framework | |
CN100397814C (en) | Uniform identication method and system based on network | |
CN101355527A (en) | Method for implementing single-point LOG striding domain name | |
CN102089767A (en) | Authenticated database connectivity for unattended applications | |
CN106534219A (en) | Security authentication method and device for desktop cloud portal | |
TW200533138A (en) | Apparatus, system, and method for authorized remote access to a target system | |
ES2875963T3 (en) | Method and system related to user authentication to access data networks | |
CN109150547A (en) | A kind of system and method for the digital asset real name registration based on block chain | |
CN106533693B (en) | Access method and device of railway vehicle monitoring and overhauling system | |
CN105978994B (en) | A kind of login method of web oriented system | |
CN109639711A (en) | A kind of Distributed C AS authentication method based on privately owned chain session id | |
CN109981287A (en) | A kind of code signature method and its storage medium | |
CN109741800A (en) | The method for security protection of medical data intranet and extranet interaction based on block chain technology | |
CN113515756B (en) | High-credibility digital identity management method and system based on block chain | |
CN108322468A (en) | Identity authorization system | |
CN109309645A (en) | A kind of software distribution security guard method | |
CN107426223A (en) | Cloud file encryption and decryption method, encryption and decryption device and processing system | |
Daraghmi et al. | A Blockchain‐Based Editorial Management System |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |