+

WO1998033296A1 - Systeme de distribution avec authentification - Google Patents

Systeme de distribution avec authentification Download PDF

Info

Publication number
WO1998033296A1
WO1998033296A1 PCT/AU1997/000889 AU9700889W WO9833296A1 WO 1998033296 A1 WO1998033296 A1 WO 1998033296A1 AU 9700889 W AU9700889 W AU 9700889W WO 9833296 A1 WO9833296 A1 WO 9833296A1
Authority
WO
WIPO (PCT)
Prior art keywords
icv
goods
product
software
services
Prior art date
Application number
PCT/AU1997/000889
Other languages
English (en)
Inventor
Michael Joseph Mapson
Lyal Sidney Collins
Original Assignee
Commonwealth Bank Of Australia
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Commonwealth Bank Of Australia filed Critical Commonwealth Bank Of Australia
Priority to AU53038/98A priority Critical patent/AU5303898A/en
Publication of WO1998033296A1 publication Critical patent/WO1998033296A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/16Program or content traceability, e.g. by watermarking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/06Buying, selling or leasing transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp

Definitions

  • the present invention relates to distribution systems, particularly those in which the delivery of goods / services can be authenticated as to their integrity or condition of delivery.
  • the present can be used to verify or authenticate the distribution and use of software via a relatively insecure environment.
  • the distribution of software via insecure and untrusted channels is a risk factor when using open, public or untrusted network.
  • a complementary risk stems from ensuring that remotely operated software is operating in an unaltered manner, including all internal functions and internal data values.
  • An object of the present invention is to provide a system, method and / or device which can check the integrity of software distributed over an at least partially insecure network.
  • the present invention provides a system for distributing goods and / or services over a medium which is at least partially insecure, the system including: a means for establishing an Integrity Check Value (ICV), storage means associated with the distribution of the goods and / or services, and comparison means evaluating whether the goods and / or services after distribution have the same ICV as the goods and / or services before distribution.
  • ICV Integrity Check Value
  • the present invention also provides a method of distributing one or more copies of a goods and / or services based product, the method including the steps of: determining a unique identification (Ul) value for the product, determining an ICV encrypting the ICV storing the ICV at a first location recalculating the ICV in a manner determinable from both the first location and the product, distributing a copy of the product to a second location remote from the first location, the distributed product having associated with it the recalculated ICV, and comparing the ICV of the distributed product with the ICV known to the first location.
  • Ul unique identification
  • the encryption of the ICV may be based on the product and/or the Unique Identifier (Ul).
  • the present invention provides a mechanism to distribute and use software in an insecure environment with relatively assured integrity and operation.
  • the present invention stems from the realisation that distribution verification and authentication can be provided by 'attaching', associating and / or incorporating an Integrity Check Value (ICV) or some form of identification discernible only by the distributor and the distributed product to each product or service so distributed.
  • ICV Integrity Check Value
  • the present invention enables software programs to be distributed to remote locations via any channels, including untrusted transmission networks, with the relative assurance that the received software has not been altered or modified in any manner.
  • the present invention describes a method and apparatus to distribute software programs via insecure distribution means with the ability to assure the integrity of these programs, both on first installation and all subsequent use of the program.
  • Programs may be distributed by electronic means in public, open or private networks, or by inclusion on storage media.
  • the present invention discloses a method and apparatus to verify that the program(s) have been installed in an unaltered state, or as in the intended manner of the program's creator, to a central (or trusted) server.
  • a method and apparatus is also specified to enable said programs to prove integrity to a central (or trusted) server, via untrusted networks, upon activation and at any subsequent time.
  • a consequence is that remotely located programs, possibly operating in untrusted environments, can be relatively assured they operate in the approved or desired manner, such approved manner may include ensuring that the program, or the user of the program, is communicating with the network entity (server) they intend to, while the network entity (server) can be relatively assured that the remote program operating in a known manner.
  • Each distributed copy of a program may be individually and uniquely identified.
  • Usage of individual copies of programs may be monitored.
  • the time, date and frequency of use of individual programs may be monitored for signs of abnormal or undesirable usage patterns.
  • the program may refuse to perform further operations unless integrity has been verified by the central (or trusted) server.
  • Individual copies of programs which operate to or through a central service server may be disabled remotely by setting a validity indicator at the central (or trusted) server to a "false" value.
  • Figure 1 illustrates one form of the distribution and initial validation
  • Figure 2 illustrates one form of subsequent validation
  • Figure 3 illustrates one form of Validation request
  • Figure 4 illustrates one form of validation approval
  • Figure 5 illustrates in schematic form an apparatus for implementing the validation of the present invention.
  • the present invention also has application to other goods / services, such as, but is not limited to, copyright material, security functions used for e.g. financial services over open or insecure networks and subscription services where consumption of services require verification and monitoring.
  • each copy of the software therefore has a cryptographically unique hash value (Integrity Check Value or ICV).
  • ICV Integrity Check Value
  • the hash value is recalculated in a specific manner known to both the software and the central site.
  • the result of the received hash calculation / recalculation is electronically communicated to the central site, and validated against ICV entries in the database. If the validation is successful, the program can continue to operate as intended.
  • this validation will occur during the initial installation of the software, and / or on subsequent use of the software. This ensures that software has a chain of authentication from initial installation and preferably through each use of the program.
  • the result of the calculated hash value will be included in every transaction, message or communication session generated by the remote software program. This may be used to provide an audit log of software usage, supplementing audit logs of user activity, which is uniquely linked to both the specific copy of the software program and every resulting transaction.
  • the operation of the present invention involves either one or two distinct phases. These phases are the initial distribution of the software program with integrity, and validating the program integrity with ongoing use. Download Integrity Mechanisms
  • D1 Distribute the software with a unique identification value embedded by the distributor.
  • D2 Distribute the software as an identical copy of a "master version", and distribute the unique identification value by another channel, to be embedded at time of installation by a trusted tool distributed with the software.
  • D3 As with D1 above, with the addition of a challenge/response step.
  • D4 As with D2 above, with the addition of a challenge/response step.
  • D5 As with D3 or D4, with the inclusion of an offset pointer to be used in the ICV calculation process.
  • the offset may be calculated in any deterministic manner which value could be a function of, or incorporate the Ul value.
  • D6 As with D3 and D4 but with the inclusion of a direction indicator to indicate the direction of program data through the ICV calculation process, e.g. from start-of file to end of file or alternatively from end of file to start of file.
  • D7 As with D6 but with the inclusion of an offset pointer for use with the ICV calculation.
  • the offset may be calculated in any deterministic value and be a function of, or incorporate the Ul value.
  • An example of Challenge/Response might be a process whereby the Validation Server (VS), (or some VS agent which makes the data known to the VS), issues some, e.g. date/time dependent, random and recorded, data to the software requesting validation. The data could then be included in the ICV (integrity check value) calculation and (VAL_REQ) message, sent to the validation server.
  • the server is capable of calculating the modified request ICV and whether it is returned within a valid time frame etc. If the VS challenge is responded to correctly within the set parameters, than a VAL_OK message may be issued.
  • V1 The ICV or validation value is a simple hash of the executable file.
  • V2 The ICV is the result of hashing the executable file by use of a pre- calculated offset point in the file as the start of the input to the hash calculation process and continuing until the entire program has been used in calculating the ICV hash value.
  • This offset pointer may be based upon the unique identification value, a fixed pointer chosen by the programmer, or determined in some other manner.
  • V3 As with V1 , with the inclusion of an initialisation value. The initialisation value is included with the program file in the ICV calculation process.
  • the initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
  • V4 As with V2 above, with the inclusion of an initialisation value, originated by either the Validation Server or the program itself. The initialisation value is included with the file in the hash calculation process. The initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
  • V5 A combination of V2 and V4.
  • the offset pointer is calculated in a manner which includes the initialisation value.
  • the initialisation value is included in the ICV calculation process.
  • the initialisation value is originated by either the Validation Server or the program itself and communicated between the two locations to allow use in duplicate calculations at both locations.
  • V6 As with V2, with the addition of a direction indicator.
  • the ICV is based upon the program file, an offset pointer and a direction flag.
  • the ICV is the hash result from the direction that the program file is processed in (e.g. towards the End Of File or towards the Start Of File) and the offset pointer.
  • V7 As with V6, with the inclusion of a initialisation value.
  • the initialisation value is originated by either the Validation Server or the program itself communicated between the two locations to allow use in duplicate calculations at both locations.
  • the hashing process is well known to those skilled in the art.
  • the hashing process selected should be robust and fit for purpose.
  • Example of hashing processes which might be employed are, (but not confined to), e.g. the
  • Distribution Server performs both distribution and validation functions. This is not necessarily the case, since these two functions may be performed in separately or by separate systems.
  • the Distribution Server possess the Public and Private Key components of an Asymmetric Encryption algorithm. A Symmetric algorithm and process could be used, in addition to or as an alternative.
  • the Master Copy of the program is distributed with the unique identifier
  • the Ul may be embedded at time of distribution or embedded later by a trusted process.
  • the Distribution Server calculates the Integrity Check Value (ICV) from a copy (identical image) of the distributed Master and stores both the Ul and ICV into the Validation Database.
  • ICV Integrity Check Value
  • the installation process occurs, which concludes with the received program being subjected to the same calculation process as used at the Distribution Server, to achieve a recalculated ICV.
  • the recalculated ICV and Ul are sent to the Distribution Server, encrypted by PKDS in a Validation Request (VAL_REQ) message, see figure 3.
  • VAL_REQ Validation Request
  • a Private Key is used to recover the ICV and Ul.
  • the Ul and received ICV components are then compared against the values calculated at time of distribution.
  • the ICV values are transmitted in encrypted form.
  • the encryption process uses Public Key methods to protect the Ul and ICV values from eavesdroppers. It is not necessary, in all cases, to transmit the Public Key, since this may be known within a closed network, or distributed by other means. However and alternatively, the VAL_OK message may be accompanied by a Public Key certificate. The most appropriate implementation should be determined by the application requirements or some affiliated standard.
  • the program may use the same calculation process used at the Verification Server, to achieve a recalculated ICV.
  • the recalculated ICV is sent to the Validation Server in a VAL_REQ message, where it is compared against the values calculated and validated, at the time of distribution.
  • the Ul and ICV values are encrypted by Public Key methods, to prevent other parties correlating the two values, and creating software which may masquerade as valid software. If the stored and recalculated values match, the program is notified of this fact by the use of a digitally signed VAL_OK (effectively a "ticket of authenticity”) message which allows the program to proceed with processing information in accordance with the capabilities included by the program author.
  • the digitally signed "Ticket of Authenticity" can in fact be validated by any entity possessing the Public Key of the Validation Server (PKVS).
  • the digital signing of the Ticket of Authenticity is effected by using the protected and secret key of the validation server (SKVS), at that server.
  • SKVS validation server
  • the technique, using asymmetric cryptography, is well known to those skilled in the art.
  • the Validation and Distribution Servers are shown as different systems, but in practice, it is likely that they will be different functions of the same system. If the Validation and Distribution Servers are different systems, then all distributed programs must contain appropriate public keys (i.e. PKDS and PKVS) to achieve the necessary secure communication paths required for software validation.
  • the program once validated, may then communicate, with time correlated authenticity, to other systems in the electronic network, provided the digitally signed VAL_OK message is transmitted along with the request for connection on the remote network device.
  • PSI Program Sequence Identifier
  • VSSI Validation Server Sequence Identifier
  • the Date/Time stamp enables any recipient to determine when the program was last validated.
  • the recipient of a message or transaction containing a VAL_OK component may then make a valued decision on the validity of the software generating the message, and therefore the reliability which may be placed on the specified transactional data within the message.
  • the recipient of such a message may also check the authenticity of the VAL_OK components by reference to the digital signature on the VAL_OK or by reference to the Validation Server.
  • An initialisation vector is, referring to Figures 3 and 4, a value to be common to both the software or device under registration and the registration entity (validation server). The value is used in the process of calculating the ICV and therefore preferably should occur on a "one time only" basis. This will ensure that each validation is unique in content and cannot be replayed etc.
  • An initialisation vector value might be derived from, (but is not confined to), e.g. the serial number of the device or software, a transaction counter or a date/time stamp. The nett result being a value used to derive a one time token of authenticity for the ICV calculation.
  • FIG. 5 a schematic illustrates a means of implementing the present invention.
  • reference numerals denote:
  • the Software Module The goods/services or program being assured through this process.
  • ICV Calculation process The process that calculates the ICV value, using a Hash Function and other optional processing steps, which may include use of an Initialisation Value or other token, an offset pointed, and direction flag.
  • Direction Flag or indicator which may be used to indicate the direction to process the Software Module in calculating the ICV.
  • the Direction Flag, or indicator will indicate to process from Start of File to End of File, or from End of File towards Start of File. Typically, this will be determined from the Ul and optionally, other values such as IV.
  • Initialisation Value An instance or program specific value which may be used in calculating the ICV.
  • Offset pointer A value which may be used as to indicate an offset start point for processing the Software module as it is processed for ICV calculations. Typically, this will be determined from the Ul and optionally, other values such as IV.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Development Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

La présente invention concerne des systèmes de distribution, en particulier ceux dans lesquels la fourniture de biens/services peut être authentifiée du point de vue de leur intégrité et de leur état à la livraison. Dans une application particulière, mais non exclusive, la présente invention peut être utilisée pour vérifier ou authentifier la distribution et l'utilisation de logiciels, dans un environnement relativement mal protégé. La présente invention repose sur le fait que la distribution, la vérification et l'authentification peuvent être assurées par 'fixation', association et/ou incorporation d'une valeur de vérification de l'intégrité ou d'une autre forme d'identification, qui n'est accessible qu'au distributeur, à chaque produit ou service ainsi distribué.
PCT/AU1997/000889 1997-01-23 1997-12-30 Systeme de distribution avec authentification WO1998033296A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU53038/98A AU5303898A (en) 1997-01-23 1997-12-30 Distribution system with authentication

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AUPO4749A AUPO474997A0 (en) 1997-01-23 1997-01-23 Distribution system with authentication
AUPO4749 1997-01-23

Publications (1)

Publication Number Publication Date
WO1998033296A1 true WO1998033296A1 (fr) 1998-07-30

Family

ID=3799053

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AU1997/000889 WO1998033296A1 (fr) 1997-01-23 1997-12-30 Systeme de distribution avec authentification

Country Status (5)

Country Link
AR (1) AR015351A1 (fr)
AU (1) AUPO474997A0 (fr)
TW (1) TW396327B (fr)
WO (1) WO1998033296A1 (fr)
ZA (1) ZA98513B (fr)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1211587A1 (fr) * 2000-11-30 2002-06-05 Pentap Technologies AG Distribution des logiciels écrits en langage de programmation
US6594761B1 (en) 1999-06-09 2003-07-15 Cloakware Corporation Tamper resistant software encoding
EP1349346A3 (fr) * 2002-03-01 2004-07-14 Alcatel Canada Inc. Chargeur authentifié d'un fichier
EP1265396A4 (fr) * 2001-01-16 2006-08-16 Sony Corp Appareil et procede permettant d'enregistrer et de reproduire des informations
US7162538B1 (en) * 2000-10-04 2007-01-09 Intel Corporation Peer to peer software distribution system
WO2007020574A3 (fr) * 2005-08-12 2007-05-31 Koninkl Philips Electronics Nv Procede et systeme de securite pour application logicielle
EP1312030A4 (fr) * 2000-07-25 2007-07-11 Digimarc Corp Filigranes d'authentification pour objets imprimes et applications associees
EP1366408A4 (fr) * 2001-03-07 2008-07-16 Diebold Inc Systeme et procede de signature numerique par machine de transaction automatique
US7630989B2 (en) 2002-05-17 2009-12-08 Colonial First State Investments Ltd. Transaction management system
FR2945367A1 (fr) * 2009-05-11 2010-11-12 Regie Autonome Transports Procede de controle d'activation d'une application sur une plateforme securisee, par un acteur exterieur a la chaine de chargement.
EP1505470A3 (fr) * 2003-08-06 2012-07-25 Panasonic Corporation Dispositif de génération d'application de terminal et procédé d'authentification d'application
US8261975B2 (en) 2001-03-07 2012-09-11 Diebold, Incorporated Automated banking machine that operates responsive to data bearing records

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1992009160A1 (fr) * 1990-11-07 1992-05-29 Tau Systems Corporation Systeme de securite permettant d'activer des logiciels d'ordinateur personnel dans des endroits eloignes
WO1994016508A1 (fr) * 1993-01-07 1994-07-21 Infonow Corporation Procede, systeme et appareil d'evaluation et de distribution de logiciels
EP0686906A2 (fr) * 1994-06-10 1995-12-13 Sun Microsystems, Inc. Procédé et dispositif pour améliorer la sûreté de logiciel et pour la distribution de logiciel

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1992009160A1 (fr) * 1990-11-07 1992-05-29 Tau Systems Corporation Systeme de securite permettant d'activer des logiciels d'ordinateur personnel dans des endroits eloignes
WO1994016508A1 (fr) * 1993-01-07 1994-07-21 Infonow Corporation Procede, systeme et appareil d'evaluation et de distribution de logiciels
EP0686906A2 (fr) * 1994-06-10 1995-12-13 Sun Microsystems, Inc. Procédé et dispositif pour améliorer la sûreté de logiciel et pour la distribution de logiciel

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
ACM SPECIAL ISSUE, August 1995, BROWNE et al., "Location-Independent Naming for Virtual Distributed Software Repositories", pages 179-185. *
COMPUTER COMMUNICATIONS, Volume 18, No. 6, June 1995, RUBIN A.D., "Secure Distribution of Electronic Documents in a Hostile Environment", pages 429-434. *
IEEE COMPUTER, Volume 28, No. 1, January 1995, LOMAS et al., "To Whom am I Speaking?", pages 50-54. *
IEEE NETWORK OPERATIONS AND MANAGEMENT SYMPOSIUM, Volume 2, 14-18 February 1994, ROSENBLIT, "Secure Software Distribution", pages 486-496. *

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6594761B1 (en) 1999-06-09 2003-07-15 Cloakware Corporation Tamper resistant software encoding
US6842862B2 (en) 1999-06-09 2005-01-11 Cloakware Corporation Tamper resistant software encoding
EP1312030A4 (fr) * 2000-07-25 2007-07-11 Digimarc Corp Filigranes d'authentification pour objets imprimes et applications associees
US7162538B1 (en) * 2000-10-04 2007-01-09 Intel Corporation Peer to peer software distribution system
EP1211587A1 (fr) * 2000-11-30 2002-06-05 Pentap Technologies AG Distribution des logiciels écrits en langage de programmation
US7401231B2 (en) 2001-01-16 2008-07-15 Sony Corporation Information recording/playback device and method
EP1265396A4 (fr) * 2001-01-16 2006-08-16 Sony Corp Appareil et procede permettant d'enregistrer et de reproduire des informations
US8261975B2 (en) 2001-03-07 2012-09-11 Diebold, Incorporated Automated banking machine that operates responsive to data bearing records
EP1366408A4 (fr) * 2001-03-07 2008-07-16 Diebold Inc Systeme et procede de signature numerique par machine de transaction automatique
US8479984B2 (en) 2001-03-07 2013-07-09 Diebold, Incorporated Automated banking machine that operates responsive to data bearing records
EP1349346A3 (fr) * 2002-03-01 2004-07-14 Alcatel Canada Inc. Chargeur authentifié d'un fichier
US7630989B2 (en) 2002-05-17 2009-12-08 Colonial First State Investments Ltd. Transaction management system
EP1505470A3 (fr) * 2003-08-06 2012-07-25 Panasonic Corporation Dispositif de génération d'application de terminal et procédé d'authentification d'application
US8572386B2 (en) 2003-08-06 2013-10-29 Panasonic Corporation Secure device, information processing terminal, integrated circuit, terminal application generation apparatus, application authentication method
JP4856182B2 (ja) * 2005-08-12 2012-01-18 エヌエックスピー ビー ヴィ ソフトウェアアプリケーションセキュリティ方法およびシステム
US8201251B2 (en) 2005-08-12 2012-06-12 Nxp B.V. Software application verification method and system
WO2007020574A3 (fr) * 2005-08-12 2007-05-31 Koninkl Philips Electronics Nv Procede et systeme de securite pour application logicielle
JP2009505208A (ja) * 2005-08-12 2009-02-05 エヌエックスピー ビー ヴィ ソフトウェアアプリケーションセキュリティ方法およびシステム
FR2945367A1 (fr) * 2009-05-11 2010-11-12 Regie Autonome Transports Procede de controle d'activation d'une application sur une plateforme securisee, par un acteur exterieur a la chaine de chargement.

Also Published As

Publication number Publication date
TW396327B (en) 2000-07-01
AR015351A1 (es) 2001-05-02
ZA98513B (en) 1998-07-29
AUPO474997A0 (en) 1997-02-20

Similar Documents

Publication Publication Date Title
CN101145906B (zh) 对单向网络中的接收终端进行合法性认证的方法及系统
US6339828B1 (en) System for supporting secured log-in of multiple users into a plurality of computers using combined presentation of memorized password and transportable passport record
EP1622301B1 (fr) Méthodes et système fournissant une liste de clés publiques hachées dans un système à clé publique
US7734921B2 (en) System and method for guaranteeing software integrity via combined hardware and software authentication
EP0881559B1 (fr) Système d'ordinateur et méthode pour protéger des logiciels
US5745574A (en) Security infrastructure for electronic transactions
JP4113274B2 (ja) 認証装置および方法
EP1407339B1 (fr) Validation de microprogramme
US5878143A (en) Secure transmission of sensitive information over a public/insecure communications medium
JPH10508438A (ja) キー・エスクローおよびデータ・エスクロー暗号化のためのシステムおよび方法
JP2003330365A (ja) コンテンツ配布/受信方法
JP2003216237A (ja) 遠隔監視システム
JP2007511810A (ja) 乱数関数を利用した実行証明
WO1998033296A1 (fr) Systeme de distribution avec authentification
US20030221109A1 (en) Method of and apparatus for digital signatures
JP3985461B2 (ja) 認証方法、コンテンツ送信側機器、コンテンツ受信側機器、認証システム
CN116167020A (zh) 一种软件授权方法及系统
CN118070283A (zh) 软件安全验证方法、装置、电子设备及存储介质
JP5159752B2 (ja) 通信データの検証装置及びそのコンピュータプログラム
CN114692097A (zh) 一种离线软件使用授权方法
JP2000287065A (ja) 画像処理システム
JP2002132145A (ja) 認証方法、認証システム、記録媒体及び情報処理装置
CN114357385A (zh) 一种软件防护和授权方法、系统及装置
EP0259487A1 (fr) Procede et appareil pour repartir et proteger des codes a cles de chiffrement
CN115859389A (zh) 一种基于私有化部署的软件序列号授权方法及系统

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AL AM AT AU AZ BA BB BG BR BY CA CH CN CU CZ DE DK EE ES FI GB GE GH GM GW HU ID IL IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MD MG MK MN MW MX NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT UA UG US UZ VN YU ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW SD SZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

NENP Non-entry into the national phase

Ref country code: JP

Ref document number: 1998531419

Format of ref document f/p: F

122 Ep: pct application non-entry in european phase
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载