Secure sidecar container
US-2024330031-A1 · Oct 3, 2024 · US
Software protection using an installation product having an entitlement file
US9898587B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9898587-B2 |
| Application number | US-201213454555-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 24, 2012 |
| Priority date | Feb 26, 2009 |
| Publication date | Feb 20, 2018 |
| Grant date | Feb 20, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, comprising: generating an installation product by an installation product builder application executing on a computer of a licensee of a computer program product, wherein generating an installation product comprises: obtaining an encoded version of the computer program product which is encoded with a public key of the licensee; obtaining an entitlement file which is digitally signed with a private key of a licensor of the computer program product, wherein the entitlement file specifies terms of the licensee's entitled use of the computer program product; obtaining a certified client identity of the licensee of the computer program product, wherein the certified client identity comprises licensee identification information; obtaining cryptographic keys comprising a private key of the licensee and a signature verification public key of the licensor; decoding the encoded version of the computer program product using the private key of the license; decoding a digital signature associated with the entitlement file using the signature verification public key of the licensor to verify that the terms of the licensee's entitled use of the computer program product as provided by the entitlement file are valid; automatically verifying the licensee's entitled use of the computer program product using the validated terms of the licensee's entitled use as specified by the entitlement file; generating a digital signature of the licensee by digitally signing at least the licensee identification information using the private key of the licensee; and generating the installation product by embedding the digital signature of the licensee and the entitlement file and the associated digital signature into the decoded computer program product; storing the installation product in a computer storage device; and determining an attempt to install the computer program product by the installation product and based on the determining, identifying the licensee and verifying the licensee's entitled use of the computer program product using the entitlement file and the associated digital signature, and based on the verifying, installing the computer program product. 2. The method of claim 1 , wherein the entitlement file comprises at least one of a vendor identifier, a user identifier, one or more transaction identifiers, and an asset identifier. 3. The method of claim 1 , wherein verifying the licensee's entitled use of the computer program product using the entitlement file and the associated digital signature comprises applying each term of an entitlement agreement throughout the lifecycle of the computer program product based on integrity and content of the entitlement file. 4. A system, comprising: a memory to store program instructions; and at least one hardware processor device coupled to the memory and operative to execute the program instructions to: generate an installation product by an installation product builder application executing on a computer of a licensee of a computer program product, wherein in generating an installation product, the at least one hardware processor device implements a method comprising: obtaining an encoded version of the computer program product which is encoded with a public key of the licensee; obtaining an entitlement file which is digitally signed with a private key of a licensor of the computer program product, wherein the entitlement file specifies terms of the licensee's entitled use of the computer program product; obtaining a certified client identity of the licensee of the computer program product, wherein the certified client identity comprises licensee identification information; obtaining cryptographic keys comprising a private key of the licensee and a signature verification public key of the licensor; decoding the encoded version of the computer program product using the private key of the license; decoding a digital signature associated with the entitlement file using the signature verification public key of the licensor to verify that the terms of the licensee's entitled use of the computer program product as provided by the entitlement file are valid; automatically verifying the licensee's entitled use of the computer program product using the validated terms of the licensee's entitled use as specified by the entitlement file; generating a digital signature of the licensee by digitally signing at least the licensee identification information using the private key of the licensee; and generating the installation product by embedding the digital signature of the licensee and the entitlement file and the associated digital signature into the decoded computer program product; storing the installation product in a computer storage device; and determining an attempt to install the computer program product by the installation product and based on the determining, identifying the licensee and verifying the licensee's entitled use of the computer program product using the digitally signed entitlement file and the associated digital signature, and based on the verifying, installing the computer program product. 5. The system of claim 4 , wherein the entitlement file comprises at least one of a vendor identifier, a user identifier, one or more transaction identifiers, and an asset identifier. 6. The system of claim 4 , wherein verifying the licensee's entitled use of the computer program product using the entitlement file and the associated digital signature comprises applying each term of an entitlement agreement throughout the lifecycle of the computer program product based on integrity and content of the entitlement file. 7. A computer program product comprising a non-transitory computer readable recordable storage medium comprising computer useable program code stored therein, wherein the computer useable program code is executable by a computer to implement a method comprising: generating an installation product by an installation product builder application executing on a computer of a licensee of a computer program product, wherein generating an installation product comprises: obtaining an encoded version of the computer program product which is encoded with a public key of the licensee; obtaining an entitlement file which is digitally signed with a private key of a licensor of the computer program product, wherein the entitlement file specifies terms of the licensee's entitled use of the computer program product; obtaining a certified client identity of the licensee of the computer program product, wherein the certified client identity comprises licensee identification information; obtaining cryptographic keys comprising a private key of the licensee and a signature verification public key of the licensor; decoding the encoded version of the computer program product using the private key of the licensee; decoding a digital signature associated with the entitlement file using the signature verification public key of the licensor to verify that the terms of the licensee's entitled use of the computer program product as provided by the entitlement file are valid; automatically verifying the licensee's entitled use of the computer program product using the validated terms of the licensee's entitled use as specified by the entitlement file; generating a digital signature of the licensee by digitally signing at least the licensee identification information using the private key of the licensee; and generating the installation product by embedding the digital signature of the licensee and the entitlement file and the associated digital signature into the decoded computer program product; storing the installation product in a computer storage device; and determining an attempt to install
Assignees
Inventors
Classifications
Physics · mapped topic
involving digital signatures · CPC title
- G06F21/10Primary
Protecting distributed programs or content, e.g. vending or licensing of copyrighted material (protection in video systems or pay television H04N7/16) {; Digital rights management [DRM]} · CPC title
Digital content management, e.g. content distribution · CPC title
Special signature format, e.g. XML format · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9898587B2 cover?
- Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the ent…
- Who is the assignee on this patent?
- Hahn Timothy J, Palmer Jr Bernard P, Waidner Michael P, and 2 more
- What technology area does this patent fall under?
- Primary CPC classification G06F21/10. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Feb 20 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).