CN111079091A - Software security management method and device, terminal and server - Google Patents
Software security management method and device, terminal and server Download PDFInfo
- Publication number
- CN111079091A CN111079091A CN201911149347.1A CN201911149347A CN111079091A CN 111079091 A CN111079091 A CN 111079091A CN 201911149347 A CN201911149347 A CN 201911149347A CN 111079091 A CN111079091 A CN 111079091A
- Authority
- CN
- China
- Prior art keywords
- terminal
- license
- software
- target software
- credential
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 49
- 238000000034 method Methods 0.000 claims abstract description 38
- 230000004044 response Effects 0.000 claims abstract description 7
- 238000004891 communication Methods 0.000 claims description 24
- 230000006870 function Effects 0.000 claims description 21
- 238000013475 authorization Methods 0.000 description 16
- 238000010586 diagram Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 6
- 238000012795 verification Methods 0.000 description 6
- 230000002159 abnormal effect Effects 0.000 description 5
- 238000011161 development Methods 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 238000013500 data storage Methods 0.000 description 2
- 230000007547 defect Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000009191 jumping Effects 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 239000007787 solid Substances 0.000 description 2
- 230000004913 activation Effects 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000002035 prolonged effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
Abstract
The application discloses a software safety management method, a device, a terminal and a server, and the method applied to the terminal comprises the following steps: in response to a use request for requesting operation of target software, searching for a license credential corresponding to the target software on the terminal; wherein the license ticket is obtained from a server based on terminal configuration information of the terminal; and if the license voucher is found, starting the target software based on the found license voucher. Therefore, the software security protection is realized by obtaining the license credential by using the terminal configuration information, so that the software security start can be ensured, hardware equipment such as an encryption tool does not need to be added for checking and encrypting, and related input operation by a user is not needed, the flow of the software security start is reduced, the operation of the user is reduced, the time length of the user when the user starts the software is obviously reduced, and the complexity of the user in using the software is reduced.
Description
Technical Field
The present application relates to the technical field of airport operations, and in particular, to a method, an apparatus, a terminal and a server for security management of software.
Background
In recent years, with the development of civil aviation industry, various counter terminals in airports are increasing. Such as a manual check-in counter terminal, a self-service check-in counter terminal, an airline check-in counter terminal, etc. Various application software provided by software developers are arranged on the airport counter terminals, and corresponding services are provided for airport staff and passengers.
In order to guarantee the rights and interests of software developers, encryption tools such as encryption locks or passwords for setting serial numbers are usually equipped for terminals, and corresponding software can be operated only when the encryption locks are connected to interfaces or the counter terminals successfully input the serial numbers, so that the copyright protection of application software on the counter terminals is realized.
However, the encryption tool usually needs to check or directly encrypt the software or other documents, which results in a complicated process for the user to enable the software, and inputting the serial number often consumes more time for the user to open the software, thereby increasing the complexity of the user to use the software.
Disclosure of Invention
In view of the above, an object of the present application is to provide a method, an apparatus, a terminal and a server for security management of software, so as to solve the technical problem that the complexity of using software by a user is increased when software is currently protected, as follows:
a safety management method of software is applied to a terminal, and comprises the following steps:
in response to a use request for requesting operation of target software, searching for a license credential corresponding to the target software on the terminal;
wherein the license ticket is obtained from a server based on terminal configuration information of the terminal;
and if the license voucher is found, starting the target software based on the found license voucher.
Preferably, the method for starting the target software based on the found license credential includes:
and judging whether the current time is within the permission duration of the searched permission certificate, and if so, starting the target software.
Preferably, the method, based on the found license ticket, starts the target software and runs the target software, and includes:
checking the searched license certificate, and starting the target software if the checking is successful;
wherein the functional component in the target software corresponding to the found license credential is in an enabled state.
A safety management method of software is applied to a server, and comprises the following steps:
receiving a permission request sent by a terminal, wherein the permission request comprises terminal configuration information of the terminal and a software identifier of target software to be started;
obtaining a license certificate based on the terminal configuration information and the software identifier of the target software;
and sending the license credential to the terminal so that the terminal starts the target software based on the license credential.
Preferably, in the above method, after the sending the license credential to the terminal, the method further includes:
recording a licensing relationship between the target software and the terminal aiming at the licensing certificate;
wherein the method further comprises:
receiving an unbinding instruction; the unbinding instruction comprises terminal information and software information;
and deleting the permission relation between the terminal corresponding to the terminal information and the software corresponding to the software information aiming at the permission certificate corresponding to the software information.
Preferably, in the above method, before sending the license credential to the terminal, the method further includes:
judging whether the number of terminals currently permitted by the license is less than or equal to the number of terminals preset by the target software;
and if the number of the terminals currently permitted by the license is less than or equal to the number of the terminals preset by the target software, transmitting the license to the terminals.
A safety management device of software is applied to a terminal, and the device comprises:
a searching unit, which is used for responding to a use request for requesting operation of target software and searching a license certificate corresponding to the target software on the terminal;
wherein the license ticket is obtained from a server based on terminal configuration information of the terminal;
and the starting unit is used for starting the target software based on the searched license certificate if the license certificate is searched.
An apparatus for secure management of software, an application server, the apparatus comprising:
the device comprises a receiving unit, a starting unit and a starting unit, wherein the receiving unit is used for receiving a permission request sent by a terminal, and the permission request comprises terminal configuration information of the terminal and identification information of target software to be started;
an obtaining unit, configured to obtain a license credential based on the terminal configuration information and the identification information of the target software;
a sending unit, configured to send the license credential to the terminal, so that the terminal starts the target software based on the license credential.
A terminal, comprising:
the memory is used for storing an application program and data generated by the running of the application program;
a processor for executing the application to perform the functions of: in response to a use request for requesting operation of target software, searching for a license credential corresponding to the target software on the terminal; wherein the license ticket is obtained from a server based on terminal configuration information of the terminal; and if the license voucher is found, starting the target software based on the found license voucher.
A server, comprising:
the terminal comprises a communication interface, a storage module and a starting module, wherein the communication interface is used for receiving a permission request sent by a terminal, and the permission request comprises terminal configuration information of the terminal and identification information of target software to be started;
and the processor is used for obtaining a license credential based on the terminal configuration information and the identification information of the target software, and sending the license credential to the terminal through the communication interface so that the terminal starts the target software based on the license credential.
According to the scheme, the software security management method, the device, the terminal and the server provided by the application can start the software only when the terminal has the license certificate obtained from the server by using the terminal configuration information when the terminal safely starts the software. Therefore, the software security protection is realized by obtaining the license credential by using the terminal configuration information, so that the software security start can be ensured, hardware equipment such as an encryption tool does not need to be added for checking and encrypting, and related input operation by a user is not needed, the flow of the software security start is reduced, the operation of the user is reduced, the time length of the user when the user starts the software is obviously reduced, and the complexity of the user in using the software is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on the provided drawings without creative efforts.
Fig. 1 is a flowchart of a method for managing security of software according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a software security management apparatus according to a second embodiment of the present application;
fig. 3 is a schematic structural diagram of a software security management apparatus according to a third embodiment of the present application;
FIG. 4 is a block diagram of a software security system according to the present application;
FIG. 5 is a schematic diagram of a component structure of a server according to the present application;
fig. 6 is a schematic diagram of a structure of a terminal according to the present application;
fig. 7 is a logical block diagram of the present application in a specific application.
Detailed Description
In a scene that the airport counter terminal runs aviation management software, development of airport front-end software consumes a large amount of manpower, material resources and financial resources of a software provider, and belongs to invaluable intellectual property, so that reasonable authorization control on software copyright is required. The goal of software license management is to have the airport use the airport front-end software with license content that includes the time of use, functionality used, number of computers installed, etc. of the software.
Based on the above requirements, the inventors of the present application have studied and found that: when the airport front-end software is handed to the airport, the software is required to be used on different equipment or terminals for authorization management control, and the current software authorization methods mainly include the following methods:
the airport purchases a dongle or a dongle for a terminal, wherein the dongle is a hardware circuit installed on a parallel port or a USB interface and the like, is an intelligent encryption tool, and is provided with a set of interface software and tool software. The defect of the scheme is that when a user executes software, the software needs to be checked to determine whether the dongle is inserted on an interface; or directly encrypting the EXE file by using a tool attached to the dongle. In this way, the user is very troublesome, so the user experience is poor, and the cost is increased because of the need of the dongle support;
the airport purchases the password for the terminal, force to enter authorizing website or server when users need to use the software each time, input the corresponding password, therefore cause the great inconvenience to users, and the password is easy to leak, damage the interest of the software developer;
the airport purchases a serial number for the terminal, and the user needs to input the serial number for authorization when using the software. The method needs manual completion by a user, and causes unnecessary trouble to the user.
Based on the defects, the inventor of the application further researches and discovers that: when the software is authorized to be licensed and managed, the terminal configuration information can be used as the basis of the license certificate, and then the license certificate for guaranteeing the software security is realized based on the terminal configuration information without relying on means such as encryption tools, passwords or serial numbers. The authorization license management scheme in the application is an authorization management mode for binding the terminal configuration information of a user, such as computer hardware information, into software. When a user starts software, the software determines some hardware information from a machine of the user, such as a host number of a workstation, an MAC address of an Ethernet card on a computer and the like, which may be unique all over the world, that is, any two computers in the world are different, and a seed file is generated according to the hardware information. The user needs to send the sub-file to the software provider or developer by Email, telephone or mail, and the software developer uses the register to generate the license file of the software to send to the user. The user can take this license file to run the software on the terminal.
In the front-end terminal of the airport, the software license of the application system requires to realize software authorization on the premise of not increasing hardware cost, so the application adopts an authorization license management scheme based on license certificates, the airport application software is bound on the hardware fingerprint of a specific computer, and only the authorized computer can run the specified software. The software provider and the airport form a license agreement through the license certificate, and the terminal use time and the software module which can be used by the terminal are limited in the license agreement. When the terminal starts to operate the airport application software, the software firstly detects whether the terminal has a legal license document locally, if the terminal has the legal license document, the software normally operates, otherwise, the user is prompted to need license authorization. The process of checking and verifying is completely transparent to the end user and cannot be felt by the end user, so that the operation flow of the user is reduced, and the complexity of using software on the terminal by the user is reduced.
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Referring to fig. 1, a flowchart of a software security management method provided in an embodiment of the present application is shown, where the method is applied to a terminal, such as an airport counter terminal or a train station counter terminal, and the method in this embodiment is mainly used to perform security protection on software that needs to be used by the terminal on a server, so as to prevent an illegal terminal from installing and using the software, so as to guarantee rights and interests of a software provider.
In this embodiment, the method may include the steps of:
step 101: the terminal generates a use request for the target software to request operation.
The target software is software installed on the terminal, when a user of the terminal starts the target software, for example, double-clicking a software icon of the target software, the terminal responds to the operation of starting the target software by the user to generate a use request, and the use request includes a software identifier of a target application to represent that the user on the terminal needs to run the target software.
Step 102: the terminal searches for the license credential corresponding to the target software, if the license credential is found, step 103 is executed, and if the license credential is not found, step 104 is executed.
In particular, the terminal may look up the license credential corresponding to the target software on its memory, such as a hard disk.
Wherein, the license certificate means: and (3) operating a certificate file, such as a license or an authorization file, of the target software on the license terminal. In this embodiment, the license ticket is obtained from the server based on the terminal configuration information of the terminal. The server is a background server of a software provider and is used for carrying out safety management on software provided for the terminal.
It should be noted that, in this embodiment, the terminal may already have the license credential downloaded from the server in advance, or the terminal may not have the license credential downloaded from the server.
Step 103: and starting the target software based on the searched license certificate.
When the terminal finds the license certificate, the terminal indicates that the license certificate is downloaded from the server once, the terminal is possible to be a legal terminal, and the target software can be started at the moment.
Further, when the terminal finds the license credential, it may first determine whether the license credential is in the valid period, for example, determine whether the current time is within the license duration of the found license credential, and if so, may start the target software or start the target software when the validity check of the found license credential is performed and the check is successful.
It should be noted that, if the current time exceeds the license duration in the searched license ticket, which indicates that the license ticket has expired, the target software is not started any more, and the terminal is required to obtain the legal license ticket again, at this time, step 104 may be executed.
In addition, if the found license credential is verified legally and the verification is unsuccessful, the package name license credential is tampered or other errors occur to cause the license credential to be illegal, the target software is not started at this time, the terminal is required to obtain the legal license credential again, and step 104 may be executed at this time.
It should be noted that, in addition to the license time length for the terminal to run the target software, the license ticket may further include: the function information of the permission terminal operation, wherein the function information of the permission terminal operation means: the license ticket contains information of functions in the target software that the terminal is authorized to use after starting the target software. Thus, under the authorized permission of the license credential, when the terminal starts the target software, the functional component corresponding to the license credential in the target software is in the enabled state which can be started, and the other functional components which are not related to the license credential in the target software are in the disabled state which can not be started.
Step 104: the terminal generates a permission request.
The license request may be generated when the terminal has no license ticket or the existing license ticket is illegal in the former text, or may be generated when the software target software is installed on the terminal for the first time, so as to request the server for the license ticket for legally operating the software.
Specifically, the permission request may include: the terminal configuration information of the terminal is used for representing the uniqueness of the terminal, and the terminal configuration information also can comprise a software identifier of target software to be started, such as a software number or a name.
Step 105: the terminal sends a permission request to the server.
Wherein the terminal may send the permission request to the server through its communication module such as wifi or mobile network module.
Step 106: the server receives a permission request sent by the terminal.
The server receives the permission request sent by the terminal through a communication module of the server.
Step 107: and the server obtains the license certificate based on the terminal configuration information and the software identifier of the target software.
The terminal configuration information may include terminal hardware information, such as a host number, an MAC address of a network card, and the like, and represents uniqueness of the terminal. In addition, the terminal configuration information may also include terminal system information, such as operating system information and IP address information.
In one implementation, the server already has the license credential requested by the terminal, and establishes a mapping relationship between the generated license credential and the corresponding terminal and the software that the terminal is permitted to run by the license credential. For example, the server once generates a license credential for the terminal a to legally run the software B, and in this embodiment, when the license credential on the terminal a is tampered and the verification fails and the license credential is requested again from the server, the server searches for the license credential corresponding to the terminal hardware information and the software identifier from among the plurality of generated license credentials based on the mapping relationship corresponding to the terminal a.
In another implementation manner, the server does not have a license credential requested by the terminal, and at this time, under the condition that the software provider permits, the server generates a license credential for the terminal based on the terminal configuration information and the software identifier, where the license credential is used for licensing the terminal corresponding to the terminal configuration information to run the target software corresponding to the software identifier. For example, when there is no license ticket on terminal a or the license ticket on terminal a expires, the server generates a license ticket that terminal a can run software B, based on the terminal configuration information and software identification of terminal a, under the license of the software provider.
Specifically, the server may generate a license credential based on an asymmetric encryption RSA algorithm, where the license credential may exist in the form of a file or a certificate, and the license credential occupies a small space and does not affect the space usage of the terminal and the server.
For example, the server performs validity verification on the corresponding terminal based on the MAC address or the IP address or the system information in the terminal configuration information, for example, the MAC address is in a valid network card address range, the IP address is in a valid address range, the user name and the password in the system information are in a valid information range, and the like.
Step 108: the server sends the license ticket to the terminal.
Wherein the server can send the license ticket to the terminal using its communication module.
It should be noted that, before sending the license credential to the terminal, the server determines the number of terminals permitted by the license credential at the present time, that is, determines whether the license credential has been permitted to more than a certain number of terminals, so as to avoid the situation that the benefit of the software provider is damaged due to misuse of the license credential.
Specifically, the server may set a limit to the license credential based on the requirement of the software provider or the agreement between the software provider and the user, that is, the number of terminals that are preset by the target software, and the license credential of the target software is only allowed to be authorized to terminals within the limit, and beyond this limit, the license credential of the target software is no longer issued to other terminals, that is: the server judges whether the number of the terminals currently permitted by the license is less than or equal to the number of the terminals preset by the target software, if so, step 108 is executed, otherwise, the license is not sent until the number of the terminals currently permitted by the license is less than or equal to the number of the terminals preset by the target software, therefore, only the terminals within the limit number can start the target software under the license, and the aim of protecting the target software is achieved.
Step 109: and the server records the licensing relation between the target software and the terminal aiming at the license certificate.
It can be seen that, after the server sends the license ticket for a terminal for the first time, the server records a license relationship between the target software for the license ticket and the terminal to record the number of terminals authorized to be licensed by the target software, and if the license relationship between the terminal and the target software has been recorded in the server, it indicates that the server has issued the license ticket for the target software for the terminal, at this time, the license relationship between the terminal and the terminal may not be recorded any more. In the license ticket for the target software, one licensing relationship corresponds to one licensed terminal. Thus, the server can still issue the license ticket to the legitimate terminal until the number of the licensing relationships is less than or equal to the number of the licensing terminals (limit) preset by the target software, and if the number of the licensing relationships exceeds the limit, the server does not issue the license ticket any more.
That is, in the server, the license of the target software to the terminal is characterized in the license relationship, and the number of terminals authorized by the target software is characterized in the number of license relationships.
It should be noted that, the number of terminals permitted to run software may be different according to the different license certificates.
Step 110: the server receives the unbinding instruction.
The unbinding instruction comprises terminal information and software information, the terminal information is information of a terminal to be unbound, the software information is information of software to be unbound, and the unbinding instruction is used for unbinding the operation permission of the software corresponding to the software information on the terminal corresponding to the terminal information.
Specifically, the unbinding instruction may be an instruction generated by a manager performing an unbinding operation on the server, that is: when the software is no longer used on the terminal or the number of the permission relationships exceeds the limit value due to the fact that the license ticket needs to be issued for the new terminal, the manager can perform corresponding unbinding operation on the server, for example, the terminal which does not use the software any longer is removed from the terminal list corresponding to the license ticket, and at the moment, the server generates an unbinding instruction based on the removing operation.
Step 111: and the server deletes the permission relation between the terminal corresponding to the terminal information and the software corresponding to the software information aiming at the permission certificate corresponding to the software information.
For example, in the list formed by the licensing relationship under the licensing credential, the licensing relationship between the terminal corresponding to the terminal information and the software corresponding to the software information is deleted, thereby representing that the licensing credential no longer belongs to the terminal corresponding to the terminal information, and the terminal no longer has the licensing credential capable of starting the software corresponding to the software information. Therefore, when the software is not used on the terminal any more or a license certificate needs to be issued to a new terminal and the number of the license relations exceeds the limit value, the manager can delete the corresponding license relation on the server, so that the license relation between the terminal and the software is unbound, and the license certificate can be issued to the new terminal, so that the software safety is protected, the terminal range of the available software is expanded, and convenience is brought to users.
Step 112: the terminal receives the license credential sent by the server.
Wherein, the terminal can receive the license credential sent by the server by using the communication module of the terminal.
Step 113: the terminal launches the target software based on the license credential.
And the terminal starts the target software under the authorization permission of the license certificate.
It should be noted that, in addition to the license time length for the terminal to run the target software, the license ticket may further include: and licensing the function information run by the terminal, so that under the authorized license of the license credential, when the terminal starts the target software, the functional component corresponding to the license credential in the target software is in an enabled state capable of being started, and other functional components which are not related to the license credential in the target software are in a disabled state incapable of being started.
That is, the terminal may have different license credentials for one target software, different license credentials may have different functional components that the terminal is authorized to run, and different time periods for the licensed terminal to run the software may be different, for example, for terminal a, the server may generate the license credential X for terminal a: the authorization terminal a starts the software B and is able to use the C function in the software B, or the server may generate a license credential Y for it: the authorized terminal a starts the software B and is able to use the D function in the software B, and so on.
In addition, on the server, in this embodiment, the manager may be prompted to maintain in time by monitoring the license ticket, for example, monitoring the license duration of the license ticket, and if the license duration is about to be full, prompting the manager that the license ticket is about to expire at this time; for another example, the duration of non-access of the license in a certain airport is monitored, and if relevant services of the license are not performed for a certain duration, such as 5 days, the manager is reminded that network reasons may exist, the terminal cannot be connected with the server, and the like.
Besides, the server can count the request of the terminal for the license certificate, count the authorized license state of the terminal for the license certificate, and the like, so as to send the result to the manager for relevant maintenance operation.
As can be seen from the foregoing solution, in the software security management method provided in the embodiment of the present application, when the terminal performs secure startup of the software, the software is started only when the terminal has the license credential obtained from the server by using the terminal configuration information. Therefore, in the embodiment, the security protection of the software is realized by obtaining the license credential by using the terminal configuration information, so that the security start of the software can be guaranteed without adding hardware devices such as an encryption tool and the like to check and encrypt, and without the need of a user to perform related input operation, thereby reducing the flow of the software during the security start and reducing the operation of the user, obviously reducing the time length of the user when the user starts the software, and reducing the complexity of the user in using the software.
It should be noted that the technical solution in the present application is applicable to other scenarios that need software protection besides the software management scenario of the airport terminal, and the solutions for protecting software extended based on the ideas in other scenarios are all within the protection scope of the present application.
Referring to fig. 2, a schematic structural diagram of a software security management apparatus according to a second embodiment of the present disclosure is provided, where the apparatus may be configured on a terminal, such as an airport counter terminal or a train station counter terminal, and the apparatus in this embodiment is mainly used to perform security protection on software that needs to be used by the terminal, so as to prevent an illegal terminal from installing software and using the software, so as to guarantee rights and interests of a software provider.
In this embodiment, the apparatus may include the following functional components:
a searching unit 201, configured to search, in response to a usage request for requesting execution of target software, a license credential corresponding to the target software on the terminal.
Wherein the license ticket is obtained from a server based on terminal configuration information of the terminal;
a starting unit 202, configured to, if the license credential is found, start the target software based on the found license credential.
As can be seen from the above-mentioned solutions, in the second software security management apparatus provided in the embodiment of the present application, when the terminal performs secure startup of the software, the software is started only when the terminal has the license credential obtained from the server by using the terminal configuration information. Therefore, in the embodiment, while the secure start of the software is ensured, hardware devices such as an encryption tool do not need to be added for checking and encrypting, and a user does not need to perform related input operations, so that the flow of the secure start of the software is reduced, the user operations are also reduced, the time of the user opening the software is obviously reduced, and the complexity of the user using the software is reduced.
Referring to fig. 3, a schematic structural diagram of a software security management apparatus provided in a third embodiment of the present application is shown, where the apparatus may be configured on a server, such as a background server of a software provider, and the apparatus in this embodiment is mainly used to perform security protection on software that needs to be used by a terminal, so as to prevent an illegal terminal from installing and using the software, so as to guarantee rights and interests of the software provider.
In this embodiment, the apparatus may include the following functional units:
a receiving unit 301, configured to receive a license request sent by a terminal, where the license request includes terminal configuration information of the terminal and identification information of target software to be started.
Wherein, the receiving unit 301 may be implemented by a communication module of the terminal.
An obtaining unit 302, configured to obtain a license credential based on the terminal configuration information and the identification information of the target software;
a sending unit 303, configured to send the license credential to the terminal, so that the terminal starts the target software based on the license credential.
Wherein, the transmitting unit 303 may be implemented by a communication module of the terminal.
As can be seen from the above-mentioned solutions, in the software security management apparatus provided in the third embodiment of the present application, when the terminal performs secure startup of the software, the software is started only when the terminal has the license credential obtained from the server by using the terminal configuration information. Therefore, in the embodiment, while the secure start of the software is ensured, hardware devices such as an encryption tool do not need to be added for checking and encrypting, and a user does not need to perform related input operations, so that the flow of the secure start of the software is reduced, the user operations are also reduced, the time of the user opening the software is obviously reduced, and the complexity of the user using the software is reduced.
For the convenience of understanding, a system to which the solution of the present application is applied is described herein, and reference is made to fig. 4, which is a schematic diagram illustrating a component architecture of a security protection system of software of the present application.
As can be seen from fig. 4, the system may include: the server 10, the terminal 20, and the server 10 and the terminal 20 are connected through a network.
The terminal 20 may be a terminal installed with software such as self-service boarding application software, such as an airport counter terminal or a train station counter terminal.
For example, the user launches a self-check-in application, checks in, prints a check-in card, etc. on the terminal 20. The server 10 provides the license credential for the normal start of the application software on the terminal 20, so as to realize the security protection of the application software, if the application software on the terminal 20 has the license credential obtained from the server 10, the application software can be normally operated on the terminal 20, and if the license credential for the application software on the terminal 20 is not available or the license credential on the terminal 20 is expired or tampered, the application software on the terminal 20 is in a disabled state.
Wherein, the server 10 can use the terminal configuration information of the terminal 20, such as the MAC address, etc., to allocate the license credential for the application software to the terminal.
In the above, the description has been given by taking an example in which the servers are each an independent server, but it is understood that, in actual application, the servers may be replaced with a server cluster or a distributed cluster composed of a plurality of servers.
In order to implement the corresponding functions on each server, the memory of the server needs to store programs for implementing the corresponding functions. To facilitate understanding of the hardware configuration of the server, the server is described as an example. As shown in fig. 5, which is a schematic structural diagram of a server of the present application, the server 10 in this embodiment may include: a processor 501, a memory 502, a communication interface 503, an input unit 504, a display 505, and a communication bus 506.
The processor 501, the memory 502, the communication interface 503, the input unit 504, and the display 505 all communicate with each other through the communication bus 506.
In this embodiment, the processor 501 may be a Central Processing Unit (CPU), an application specific integrated circuit, a digital signal processor, an off-the-shelf programmable gate array, or other programmable logic device.
The processor 501 may call a program stored in the memory 502. Specifically, the processor 501 may perform operations performed on the server side in the following embodiments of the security protection method of software.
The memory 502 is used for storing one or more programs, which may include program codes including computer operation instructions, and in this embodiment, the memory stores at least the programs for implementing the following functions:
receiving a permission request sent by a terminal, wherein the permission request comprises terminal configuration information of the terminal and a software identifier of target software to be started;
obtaining a license certificate based on the terminal configuration information and the software identifier of the target software;
and sending the license credential to the terminal so that the terminal starts the target software based on the license credential.
In one possible implementation, the memory 502 may include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function (such as license credential display, etc.), and the like; the storage data area may store data created according to the use of the computer, such as terminal configuration information and software identification, etc.
Further, the memory 502 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device or other volatile solid state storage device.
The communication interface 503 may be an interface of a communication module, such as an interface of a GSM module, and is capable of receiving a license request from the terminal 20 and sending a license credential obtained by the processor 501 to the terminal 20, so that the terminal 20 can start the target software based on the license credential.
Of course, the structure of the server shown in fig. 5 does not constitute a limitation to the server in the embodiment of the present application, and in practical applications, the server may include more or less components than those shown in fig. 5, or some components may be combined.
As shown in fig. 6, which is a schematic structural diagram of a terminal of the present application, the terminal 20 in this embodiment may include: a processor 601, a memory 602, a communication interface 603, an input unit 604, a display 605, and a communication bus 606.
The processor 601, the memory 602, the communication interface 603, the input unit 604, and the display 605 all communicate with each other via the communication bus 606.
In this embodiment, the processor 601 may be a CPU, an asic, a digital signal processor, an off-the-shelf programmable gate array or other programmable logic device, etc.
The processor 601 may call a program stored in the memory 602. Specifically, the processor 601 may perform operations performed on the server side in the following embodiments of the security protection method of software.
The memory 602 is used for storing one or more programs, which may include program codes including computer operation instructions, and in this embodiment, the memory stores at least the programs for implementing the following functions:
in response to a use request for requesting operation of target software, searching for a license credential corresponding to the target software on the terminal;
wherein the license ticket is obtained from a server based on terminal configuration information of the terminal;
and if the license voucher is found, starting the target software based on the found license voucher.
In one possible implementation, the memory 602 may include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function (such as license credential display, etc.), and the like; the storage data area may store data created during use of the computer, such as license certificates and the like.
Further, the memory 602 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device or other volatile solid state storage device.
The communication interface 603 may be an interface of a communication module, such as an interface of a GSM module, and is capable of sending a license request to the server 10 to request the server 10 to issue a license credential and also capable of receiving the license credential sent by the server 10.
Of course, the structure of the terminal shown in fig. 6 is not limited to the terminal in the embodiment of the present application, and the terminal may include more or less components than those shown in fig. 6 or some components in combination in practical applications.
Based on the above technical solutions, the following examples of the present application in specific applications are illustrated:
the scheme aims to provide the license certificate for the software through the server so as to perform security protection on the software on the terminal. The following will illustrate the security management of the departure front-end system on the airport counter terminal in the present case with reference to the logical composition shown in fig. 7, wherein the system for implementing the security management of software in the present case can be logically divided into the following functional modules:
a front-end verification module 701, a policy management module 702, a certificate management module 703, and an auditing module 704, wherein:
the front-end checking module 701 is arranged on the counter terminal and is mainly used for automatically running and checking the validity of a license when the departure front-end system is started. When the departure front-end system on the counter terminal is started, the front-end checking module automatically monitors whether a local license exists, and if no license exists, the license file can be automatically downloaded to the server according to the configuration file such as the MAC address. If the license exists, the validity and the legality of the license are verified, the departure front-end system can be accessed only through verification, system operation is carried out according to the function granted by the license, the license has no authorized function, and a user of the departure front-end system cannot see the license and cannot use the license. If no license or the license is not verified, the user cannot use the departure front-end system. Meanwhile, the front-end checking module can prompt the user to update the license according to the checking result.
The policy management module 702 is disposed on a server in the background of the software provider, and is mainly used for managing purchase license agreements of various airports. One purchase mode corresponds to one strategy, one airport can flexibly purchase license agreements in various modes according to own business, and one airport also has a plurality of strategies. The policy includes specific authorization contents such as a function that can be used by the airport (a plurality of functions can be flexibly combined), a valid period of the license, an extended number of days of use after the license has expired, and the total number of terminals that are allowed to download the license. The administrator of the license system can add, edit, and delete policies depending on the particular situation. All policies at a certain airport can also be queried at any time.
The license management module 703 is disposed on the server, and is mainly used for real-time management of license downloading. This includes management of the manner and quantity of authentication of the download license terminals.
The authentication of the airport download license terminal adopts three modes: address authentication, password authentication and double authentication. The address authentication means that the license can be downloaded only by a terminal whose MAC address, computer name, or IP address is within a management range. The password authentication means that a terminal requesting to download the user name and the password sent in the license is in a management range can download the password. Double authentication is a combination of address authentication and password authentication. Each airport can adopt different authentication modes according to the self condition.
Each piece of software authorizes the license and can only activate a specified number of computers or terminals. When a computer is successfully activated, the computer will bind with the authorized license used at the time of activation (record of license relationship), and the number of computers allowed to be activated by the authorized license will be permanently reduced by one. Even if the authorized product is later unloaded from the computer, the computer and the authorization license are not unbound. When the license has been activated for the maximum number of computers allowed, the license will not be able to activate any other computers. Considering the requirement of updating the computer at the airport, the module can comprise the unbinding operation of the authorized license and the updating function.
The auditing module 704 is arranged on the server and is mainly used for monitoring abnormal conditions of the license management system and counting use conditions. The license background service affects the front-end starting, and for some abnormal conditions, related personnel, including development, duty, business personnel and the like, need to be notified in the form of mails. The abnormal conditions include: the license is about to expire and the license service is not accessed for N consecutive days at an airport (possibly for network reasons, the entire airport cannot be connected to the service). Meanwhile, some use statistics can be sent to related personnel in time.
Specifically, based on the logic modules, the security management system of the software in the present application performs authorization management on the airport front-end application system, so as to manage the permitted life cycle and the use right of the airport front-end application system on different terminals of each airport. The specific process is as follows:
firstly, a strategy for using an airport front-end application system by an airport is set on a background server:
the policy setting content in the scheme comprises airport names, valid period starting time, valid period ending time, client authorization functions, prolonged use days and the like.
While an airport may have multiple policies so that different terminals may be configured to use different functions.
For a policy that has passed the expiration date, the extended number of days of use may be set according to a different agreement from the airport. Although the system reminds the user that the license is about to expire before the expiration of the service life, temporary time delay in procedures can occur, and the license cannot be renewed in time, so that the number of days for prolonging the use of the license can be set in order not to influence the transaction of the terminal service at the airport counter in the scheme.
Secondly, configuring a matched strategy for the terminal at the airport:
first, the configuration file of the airport front-end application system needs to be modified according to the protocol used by the airport front-end system.
Second, because the license management system has an IP address authentication mechanism, only registered airport counter IPs allow licenses to be downloaded. Therefore, the airport three-character code and all IP lists of the front-end counter terminals needing to download the licenses can be input into the license management system.
Thirdly, verifying the front end of the license at the terminal of the airport:
when the airport terminal starts the airport front-end application system, the license front-end verification is carried out as follows:
1) certificate first check (to determine if it is not to be started to download the certificate)
a invalid certificate: jump to 2);
b is effective but needs to be updated and prompted, and jumps to 2);
c valid and legal, jump to 5)
2) Downloading certificates
a certificate is downloaded successfully, and jumps to 3)
And b, failure of downloading the certificate and business reasons.
c failed download of certificates, network failures, etc. Jump to 3)
3) Certificate secondary check (true check)
a certificate is invalidated. Giving a prompt and jumping to 4).
b certificates are valid but need to be updated. Giving a prompt and jumping to 5).
c valid and legal, jump to 5)
4) Exit airport front-end application system
5) Airport-entering front-end application system
Fourthly, recording the download record of the license
According to the airport terminal system using protocol, the license is provided with download total amount limitation, so that license download records of the counter terminal can be managed. Each counter terminal downloads the certificate for the first time, a record is newly added in a corresponding certificate downloading management table, and when the number of the records in the table is equal to the total downloading amount of the certificate, the certificate cannot be downloaded continuously.
In the scheme, the machine is considered to be the same machine only under the condition that the physical address of the machine and the name of the computer are completely consistent, after any one of the machine and the name of the computer is changed, the machine is judged to be a new counter, and the changed machine is considered to be the new counter when the license is downloaded, so that the total download amount is occupied. For example, in an airport, after a machine is replaced with an old machine, the number of counters which can be used by the airport is reduced because a downloaded license is considered to be occupied by a new counter to take the total download amount (for example, 7 counters are provided, one counter of which is replaced by the machine (can occupy 2 download numbers), and other 6 counters can only use the remaining 5 download numbers and one counter is unavailable), so that logic for loosely processing license downloading is added, that is, the machine is considered to be the same machine only when the physical address and the computer name of the machine are completely consistent, and after any one of the two is changed, the machine is judged to be replaced, and no newly-added record is added in a certificate download management table, so that the number of downloads is not occupied. However, in order to avoid the logic of downloading the loosely processed license from being maliciously utilized, a total amount control principle (that is, the sum of the downloaded number of the corresponding policy and the total amount of the corresponding policy record number in the replacement machine table is not more than a certain proportion) may be adopted in the present application. For example, before downloading the certificate, the total amount is judged, if the ratio of the downloaded number to the total amount of the recorded number is smaller than the preset ratio, the logic of the loose download strategy is adopted, otherwise, if the blacklist table does not have the record of the strategy, the strategy is added into the blacklist and the original logic is adopted (namely, only if the physical address and the name of the machine are completely consistent, the machine is considered to be the same counter, if any one is inconsistent, the machine is considered to be a new counter, and the download strategy occupies the download number).
Fifth, statistics and query
For some abnormal situations, related personnel, including development, duty, service personnel and the like, can be notified in the background server in the form of mails. The abnormal conditions include:
a license is about to expire
b certain airport has no access to the license service for N consecutive days (possibly for network reasons, the whole airport cannot be connected to the service).
Meanwhile, the use condition of the license can be counted and sent to related personnel in time.
Therefore, the system in the embodiment adopts the license authorization file implementation mode of the asymmetric encryption RSA algorithm, and has very high security. In addition, the system in the embodiment is a software authorization license protection technology based on the internet, and compared with a protection technology using additional hardware equipment such as an encryption lock, the system can greatly save hardware, storage, logistics, generation and management costs; meanwhile, unified management and management of software authorization are facilitated, and user experience is improved. Moreover, the software license is provided with a regular network authentication attribute, so that the security strength of protection is improved, and authorization can be tracked and managed.
It should be noted that, in the present specification, the embodiments are all described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments may be referred to each other.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above detailed description of the software security management method, apparatus, terminal and server provided in the present application enables those skilled in the art to implement or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (10)
1. A safety management method of software is characterized in that the method is applied to a terminal and comprises the following steps:
in response to a use request for requesting operation of target software, searching for a license credential corresponding to the target software on the terminal;
wherein the license ticket is obtained from a server based on terminal configuration information of the terminal;
and if the license voucher is found, starting the target software based on the found license voucher.
2. The method of claim 1, wherein starting the target software based on the found license credential comprises:
and judging whether the current time is within the permission duration of the searched permission certificate, and if so, starting the target software.
3. The method according to claim 1 or 2, wherein starting the target software and running the target software based on the found license credential comprises:
checking the searched license certificate, and starting the target software if the checking is successful;
wherein the functional component in the target software corresponding to the found license credential is in an enabled state.
4. A security management method for software is applied to a server, and the method comprises the following steps:
receiving a permission request sent by a terminal, wherein the permission request comprises terminal configuration information of the terminal and a software identifier of target software to be started;
obtaining a license certificate based on the terminal configuration information and the software identifier of the target software;
and sending the license credential to the terminal so that the terminal starts the target software based on the license credential.
5. The method of claim 4, wherein after sending the license credential to the terminal, the method further comprises:
recording a licensing relationship between the target software and the terminal aiming at the licensing certificate;
wherein the method further comprises:
receiving an unbinding instruction; the unbinding instruction comprises terminal information and software information;
and deleting the permission relation between the terminal corresponding to the terminal information and the software corresponding to the software information aiming at the permission certificate corresponding to the software information.
6. The method of claim 4, wherein before sending the permission credential to the terminal, the method further comprises:
judging whether the number of terminals currently permitted by the license is less than or equal to the number of terminals preset by the target software;
and if the number of the terminals currently permitted by the license is less than or equal to the number of the terminals preset by the target software, transmitting the license to the terminals.
7. A software security management device is applied to a terminal, and comprises:
a searching unit, which is used for responding to a use request for requesting operation of target software and searching a license certificate corresponding to the target software on the terminal;
wherein the license ticket is obtained from a server based on terminal configuration information of the terminal;
and the starting unit is used for starting the target software based on the searched license certificate if the license certificate is searched.
8. An apparatus for secure management of software, the apparatus comprising, in an application server:
the device comprises a receiving unit, a starting unit and a starting unit, wherein the receiving unit is used for receiving a permission request sent by a terminal, and the permission request comprises terminal configuration information of the terminal and identification information of target software to be started;
an obtaining unit, configured to obtain a license credential based on the terminal configuration information and the identification information of the target software;
a sending unit, configured to send the license credential to the terminal, so that the terminal starts the target software based on the license credential.
9. A terminal, comprising:
the memory is used for storing an application program and data generated by the running of the application program;
a processor for executing the application to perform the functions of: in response to a use request for requesting operation of target software, searching for a license credential corresponding to the target software on the terminal; wherein the license ticket is obtained from a server based on terminal configuration information of the terminal; and if the license voucher is found, starting the target software based on the found license voucher.
10. A server, comprising:
the terminal comprises a communication interface, a storage module and a starting module, wherein the communication interface is used for receiving a permission request sent by a terminal, and the permission request comprises terminal configuration information of the terminal and identification information of target software to be started;
and the processor is used for obtaining a license credential based on the terminal configuration information and the identification information of the target software, and sending the license credential to the terminal through the communication interface so that the terminal starts the target software based on the license credential.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911149347.1A CN111079091A (en) | 2019-11-21 | 2019-11-21 | Software security management method and device, terminal and server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911149347.1A CN111079091A (en) | 2019-11-21 | 2019-11-21 | Software security management method and device, terminal and server |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111079091A true CN111079091A (en) | 2020-04-28 |
Family
ID=70311463
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911149347.1A Pending CN111079091A (en) | 2019-11-21 | 2019-11-21 | Software security management method and device, terminal and server |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111079091A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112149067A (en) * | 2020-09-29 | 2020-12-29 | 济南博观智能科技有限公司 | Software authorization method, terminal equipment, authorization server and storage medium |
| CN112202772A (en) * | 2020-09-29 | 2021-01-08 | 北京海泰方圆科技股份有限公司 | Authorization management method and device |
| CN112287305A (en) * | 2020-10-30 | 2021-01-29 | 北京深思数盾科技股份有限公司 | Data processing method, user lock and server |
| CN112596740A (en) * | 2020-12-28 | 2021-04-02 | 北京千方科技股份有限公司 | Program deployment method and device |
| CN112632474A (en) * | 2020-12-28 | 2021-04-09 | 湖北亿咖通科技有限公司 | Vehicle-mounted machine software and hardware activation method |
| CN112632484A (en) * | 2020-12-28 | 2021-04-09 | 深圳创维-Rgb电子有限公司 | Software authorization method and device and computer equipment |
| CN112667973A (en) * | 2020-11-30 | 2021-04-16 | 新华三技术有限公司 | Method and device for activating management software of network equipment |
| CN113312592A (en) * | 2021-06-15 | 2021-08-27 | 曙光信息产业(北京)有限公司 | Software license scheduling method, device, equipment and storage medium |
| CN115146252A (en) * | 2022-09-05 | 2022-10-04 | 深圳高灯计算机科技有限公司 | Authorization authentication method, system, computer device and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101710377A (en) * | 2009-10-28 | 2010-05-19 | 金蝶软件(中国)有限公司 | Method for realizing software license service, device and network equipment thereof |
| CN102422300A (en) * | 2009-05-12 | 2012-04-18 | 微软公司 | Enhanced product functionality based on user identification |
| CN103473503A (en) * | 2012-06-05 | 2013-12-25 | 广达电脑股份有限公司 | Dynamic Software Authorization Platform and Method |
| US9003541B1 (en) * | 2009-12-22 | 2015-04-07 | Adobe Systems Incorporated | Method and apparatus for desktop product license portability with user identity subscription using durable tokens |
| CN108664771A (en) * | 2017-03-28 | 2018-10-16 | 鸿富锦精密电子(天津)有限公司 | Security system for software and method |
| GB201912482D0 (en) * | 2019-08-30 | 2019-10-16 | Mobilise Consulting Ltd | Aiuthentication |
-
2019
- 2019-11-21 CN CN201911149347.1A patent/CN111079091A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102422300A (en) * | 2009-05-12 | 2012-04-18 | 微软公司 | Enhanced product functionality based on user identification |
| CN101710377A (en) * | 2009-10-28 | 2010-05-19 | 金蝶软件(中国)有限公司 | Method for realizing software license service, device and network equipment thereof |
| US9003541B1 (en) * | 2009-12-22 | 2015-04-07 | Adobe Systems Incorporated | Method and apparatus for desktop product license portability with user identity subscription using durable tokens |
| CN103473503A (en) * | 2012-06-05 | 2013-12-25 | 广达电脑股份有限公司 | Dynamic Software Authorization Platform and Method |
| CN108664771A (en) * | 2017-03-28 | 2018-10-16 | 鸿富锦精密电子(天津)有限公司 | Security system for software and method |
| GB201912482D0 (en) * | 2019-08-30 | 2019-10-16 | Mobilise Consulting Ltd | Aiuthentication |
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112149067B (en) * | 2020-09-29 | 2022-10-18 | 济南博观智能科技有限公司 | Software authorization method, terminal equipment, authorization server and storage medium |
| CN112202772A (en) * | 2020-09-29 | 2021-01-08 | 北京海泰方圆科技股份有限公司 | Authorization management method and device |
| CN112149067A (en) * | 2020-09-29 | 2020-12-29 | 济南博观智能科技有限公司 | Software authorization method, terminal equipment, authorization server and storage medium |
| CN112202772B (en) * | 2020-09-29 | 2021-06-29 | 北京海泰方圆科技股份有限公司 | Authorization management method, device, electronic equipment and medium |
| CN112287305A (en) * | 2020-10-30 | 2021-01-29 | 北京深思数盾科技股份有限公司 | Data processing method, user lock and server |
| CN112287305B (en) * | 2020-10-30 | 2023-09-08 | 北京深盾科技股份有限公司 | Data processing method, user lock and server |
| CN112667973B (en) * | 2020-11-30 | 2023-12-26 | 新华三技术有限公司 | Method and device for activating management software of network equipment |
| CN112667973A (en) * | 2020-11-30 | 2021-04-16 | 新华三技术有限公司 | Method and device for activating management software of network equipment |
| CN112596740A (en) * | 2020-12-28 | 2021-04-02 | 北京千方科技股份有限公司 | Program deployment method and device |
| CN112632484A (en) * | 2020-12-28 | 2021-04-09 | 深圳创维-Rgb电子有限公司 | Software authorization method and device and computer equipment |
| CN112632474A (en) * | 2020-12-28 | 2021-04-09 | 湖北亿咖通科技有限公司 | Vehicle-mounted machine software and hardware activation method |
| CN113312592A (en) * | 2021-06-15 | 2021-08-27 | 曙光信息产业(北京)有限公司 | Software license scheduling method, device, equipment and storage medium |
| CN113312592B (en) * | 2021-06-15 | 2024-03-08 | 曙光信息产业(北京)有限公司 | Scheduling method, device and equipment of software license and storage medium |
| CN115146252A (en) * | 2022-09-05 | 2022-10-04 | 深圳高灯计算机科技有限公司 | Authorization authentication method, system, computer device and storage medium |
| CN115146252B (en) * | 2022-09-05 | 2023-02-21 | 深圳高灯计算机科技有限公司 | Authorization authentication method, system, computer device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111079091A (en) | Software security management method and device, terminal and server | |
| US8984291B2 (en) | Access to a computing environment by computing devices | |
| EP3028489B1 (en) | Centralized selective application approval for mobile devices | |
| JP5624620B2 (en) | Plug-in authority control method and system | |
| US10354068B2 (en) | Anonymized application scanning for mobile devices | |
| JP5522307B2 (en) | System and method for remote maintenance of client systems in electronic networks using software testing with virtual machines | |
| US8561209B2 (en) | Volume encryption lifecycle management | |
| US9336369B2 (en) | Methods of licensing software programs and protecting them from unauthorized use | |
| US9917862B2 (en) | Integrated application scanning and mobile enterprise computing management system | |
| US8250630B2 (en) | Detecting unauthorized computer access | |
| US8839375B2 (en) | Managing distributed operating system physical resources | |
| US9521032B1 (en) | Server for authentication, authorization, and accounting | |
| WO2018118816A1 (en) | Operating system update management for enrolled devices | |
| EP3356978B1 (en) | Applying rights management policies to protected files | |
| CN103413083A (en) | Security defending system for single host | |
| US20070079364A1 (en) | Directory-secured packages for authentication of software installation | |
| EP3884405B1 (en) | Secure count in cloud computing networks | |
| US9129098B2 (en) | Methods of protecting software programs from unauthorized use | |
| US20080189542A1 (en) | Computerized Apparatus And Method For Version Control And Management | |
| US20060064387A1 (en) | Systems and methods for software licensing | |
| US10158623B2 (en) | Data theft deterrence | |
| US20070016770A1 (en) | System and method for managing the initiation of software programs in an information handling system | |
| CN113051614B (en) | Information access processing method, device, equipment and system | |
| JP2005258606A (en) | Network system with information leakage audit function | |
| US20160285690A1 (en) | Single user device staging |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200428 |