WO2002013017A1 - Encryption system and method - Google Patents
Encryption system and method Download PDFInfo
- Publication number
- WO2002013017A1 WO2002013017A1 PCT/US2001/041555 US0141555W WO0213017A1 WO 2002013017 A1 WO2002013017 A1 WO 2002013017A1 US 0141555 W US0141555 W US 0141555W WO 0213017 A1 WO0213017 A1 WO 0213017A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- installer
- software
- encrypted
- primary
- software application
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims description 63
- 238000013500 data storage Methods 0.000 claims description 48
- 238000012544 monitoring process Methods 0.000 claims description 6
- 238000009434 installation Methods 0.000 description 48
- 238000010586 diagram Methods 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 230000004913 activation Effects 0.000 description 3
- 238000011900 installation process Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- RYGMFSIKBFXOCR-UHFFFAOYSA-N Copper Chemical compound [Cu] RYGMFSIKBFXOCR-UHFFFAOYSA-N 0.000 description 1
- 239000004020 conductor Substances 0.000 description 1
- 229910052802 copper Inorganic materials 0.000 description 1
- 239000010949 copper Substances 0.000 description 1
- 230000008878 coupling Effects 0.000 description 1
- 238000010168 coupling process Methods 0.000 description 1
- 238000005859 coupling reaction Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012856 packing Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
Definitions
- Non-volatile data storage 106 is a data storage mechanism, such as a hard disk, tape drive, optical storage media, or other suitable storage media.
- Non-volatile data storage 106 includes software system 116, which is a software application that has been installed on processor 102.
- FIGURE 2 is a diagram of a software application 200 in accordance with an exemplary embodiment of the present invention.
- Software application 200 may be stored on a suitable data storage media, such as a floppy disk, a CD-ROM, a zip disk, or other suitable media.
- installer system 212 During installation, installer system 212 encrypts and stores software modules on the non-volatile data memory of the computing platform. If the size of such software modules exceeds the available random access memory size, installer system 212 would be required to store such unencrypted software modules on the non-volatile data memory of the computing platform. This storage would allow such unencrypted software modules to be intercepted for duplication.
- monitor system 208 is used to monitor the installation of software application 200 by installer system 212, and can detect when installer system 212 is going to store a software module to a non-volatile data memory.
- FIGURE 3 is a flowchart of a method 300 for installing a software application in accordance with an exemplary embodiment of the present invention. Method 300 may be used to install an encrypted software application without requiring the software application to be modified in a manner that may cause misoperation of the software application.
- the decrypted installer that has been stored in random access memory is executed.
- the installer may be a secondary installer that is activated by the primary installation program, such that actual installation of the software application is performed by the secondary installer.
- the method then proceeds to 308.
- the software modules are decrypted and stored in random access memory. The software modules are used by the secondary installer to install the software application on the computing platform. The method then proceeds to 310.
Abstract
A system for installing software on a computing platform is provided that does not require unencrypted software modules to be stored on a non-volatile data memory (106) of the computing platform. The system includes a primary installer (114) and an encrypted secondary installer. The primary installer decrypt the secondary installer such that the secondary installer only operates in a dynamic memory (104).
Description
TITLE: ENCRYPTION SYSTEM AND METHOD
FIELD OF THE INVENTION
The present invention relates to encryption systems and methods for software systems, and more particularly to a system and method for encrypting software that allows the original installation configuration of the software application to be used without requiring unencrypted software application components of the original installation configuration of the software application to be stored to non-volatile memory.
BACKGROUND OF THE INVENTION A software application is typically configured to be installed on a computing platform before it may be used. The software application may include one or more software modules that are installed on the computing platform by an installation system. After the installation system installs the software module, the software module may be converted into a software system component that is configured for use on that specific computing platform. Alternatively, the software module may be a general-purpose software module that may be used on many different computing without requiring platform-specific installation. As used herein software modules may generally be copied and used on different computing platforms, whereas software application components are software modules that are installed on a particular computing platform, and are generally configured to be used on that specific computing platform.
Software applications are sold through several methods . One of the most common methods is the distribution of a transportable data storage medium, such as a floppy disk or CD-ROM, on which the software application is stored as an installer system and one or more software modules. Installation of the software application onto the computing platform may include various security measures. For example, the installer program may prompt the user for entry of a serial number, which may then be stored into software modules or software application components. In this manner, the source of the software application may be tracked so as to identify unauthorized versions of the software application. The software application may also be encrypted, such that
entry of a code number that is associated with that version of the software is required in order to decrypt the software.
In addition to direct copying of a software application, unauthorized copies may be made by copying software modules or software application components of the software application. For example, a software module or software application component may be temporarily stored on a nonvolatile data memory device of the computing platform, such as a hard drive, a zip drive, a tape drive, or other suitable forms of non-volatile memory, in the process of being encrypted. Many of these software modules or software application components are too large to be encrypted in a dynamic memory, such as a random access memory device of a computing platform. Thus, it may be possible to intercept the unencrypted software modules or software application components during the installation process. Annual revenue losses to U.S. software producers due to unauthorized copying of software are estimated to be in the billions of dollars.
SUMMARY OF THE INVENTION Therefore, a system and method for encrypting software is required that overcomes the disadvantages of known systems and methods for encrypting software. In particular, a system and method for encrypting software is required that allows a software application to be installed on a computing platform in an encrypted form without allowing unauthorized copying of one or more software modules or software application components. In accordance with an exemplary embodiment of the invention, a system for installing software is provided. The system includes a primary installer and an encrypted secondary installer. The primary installer decrypts the secondary installer and causes it to operate, such that the secondary installer only operates in a dynamic memory.
The present invention provides many important technical advantages. One important technical advantage of the present invention is a system for installing software that prevents unencrypted software modules from being installed to a non- volatile data memory of a computing platform. The system of the present invention allows encrypted copies of software modules to be transferred from a transportable data storage media to a non-volatile data memory of a computing platform without requiring an unencrypted version of the software module to be temporarily stored to the non-volatile data memory.
The technical advance represented by the invention, as well as the objects thereof, will become apparent from the following description of a preferred embodiment of the invention when considered in conjunction with the
accompanying drawings, and the novel features set forth in the appended claims .
BRIEF DESCRIPTION OF THE DRAWINGS FIGURE 1 is a diagram of a system for installing a software application in accordance with an exemplary embodiment of the present invention; FIGURE 2 is a diagram of an installable software application in accordance with an exemplary embodiment of the present invention;
FIGURE 3 is a flowchart of a method for installing a software application in accordance with an exemplary embodiment of the present invention; and
FIGURE 4 is a flowchart of a method for assembling a software system for installation in accordance with an exemplary embodiment of the present invention.
DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS In the description which follows, like parts are marked throughout the specification and drawing with the same reference numerals, respectively. The drawing figures may not be to scale and certain components may be shown in generalized or schematic form and identified by commercial designations in the interest of clarity and conciseness.
FIGURE 1 is a diagram of a system 100 for installing a software application in accordance with an exemplary embodiment of the present invention. System 100 may be used to install an encrypted version of a software application in a manner that does not allow unencrypted versions of software modules to be temporarily created and stored to a nonvolatile data memory. System 100 includes processor 102 and dynamic data memory 104. Processor 102 is a computing platform that is operable to execute software code, and is coupled to dynamic data memory 104 by a suitable means, such as a data bus. As used herein, the term couple and its cognate term such as coupling and coupled, may refer to a physical connection (such as a copper conductor) , a logical connection (such as through logical devices of a semiconducting circuit) , a virtual connection (such as through randomly assigned memory locations of a data memory) , a combination of such connections, or other suitable connections. For example, a connection may be formed through an intervening device .
Processor 102 and dynamic data memory 104 are used to operate software applications. As used herein, a software application may include a single line of code, multiple lines of code, portions of code contained within a program, one or more software objects, one or more software agents, one or
more software subroutines, or other suitable software structures, and may operate on one or more processing platforms. Processor 102 uses dynamic data memory 104 as a dynamic memory for installing software modules and software application components.
System 100 also includes non-volatile data storage 106, which is coupled to processor 102. Non-volatile data storage 106 is a data storage mechanism, such as a hard disk, tape drive, optical storage media, or other suitable storage media. Non-volatile data storage 106 includes software system 116, which is a software application that has been installed on processor 102.
System 100 includes transportable data storage media drive 108, which is configured to access software application 110. Transportable data storage media drive 108 may be implemented in hardware or a suitable combination of hardware and software, and may be a CD-ROM drive, a floppy disk drive, a zip drive, or other suitable transportable data storage media drives. Software application 110 may be one or more encrypted installation programs that have been stored on transportable data storage media. Transportable data storage media drive 108 is coupled to processor 102.
In the exemplary embodiment shown in FIGURE 1, monitor system 112 and installer system 114 are software systems that operate on dynamic data memory 104. Monitor system 112 may also or alternatively be installed on and/or operate on dynamic data memory 104, processor 102, and/or non-volatile data storage 106 after initiation of the installation of software application 110 by processor 102. For example, monitor system 112 may be stored in an encrypted version with software application 110, such that when processor 102
activates the decryption mechanisms, monitor system 112 is installed on dynamic data memory 104 prior to the installation of software application 110. Likewise, monitor system 112 and installer system 114 may also be installed on and/or operate on dynamic data memory 104, processor 102, and/or non-volatile data storage 106, where suitable.
In operation, software application 110 is typically installed by processor 102 onto non-volatile data storage 106, where it is activated upon command by a user. After activation, software components of software application 110 will typically operate on processor 102, dynamic data memory 104, and non-volatile data storage 106. Monitor system '112 and installer system 114 are used to control the installation of software application 110 so that unencrypted software components of software application are not stored, even temporarily, on non-volatile data memory 106, as they could be intercepted and copied. In order to prevent storage of unencrypted software components of software application 110 on non-volatile data storage 106, installer system 114 is configured to operate entirely from dynamic data memory 104 and processor 102.
In one exemplary embodiment, the installation of software application 110 may be initiated by a primary installation system of software application 110, which installs installer system 114 to dynamic data memory 104, and monitor system 112 ■ to dynamic data memory 104 and other suitable locations. Installer system 114 then receives encrypted software modules from software application 110, decrypts the encrypted modules, and executes the software modules so as to install the software application on the computing platform. For example, installer system 114 may
execute a software module that identifies hardware and software components of processor 102, dynamic data memory 104, and non-volatile data storage 106. The execution of the software module takes place entirely in dynamic data memory 104, so that unauthorized copies may not be made of decrypted software modules that are stored to a non-volatile data memory such as non-volatile data storage 106.
After installation, the installed software components of software application 110 are then encrypted by installer system 114 and stored on non-volatile data storage 106 for subsequent use. Thus, installer system 114 may be used to install, decrypt, and encrypt software applications entirely in dynamic data memory 104 of processor 102, which prevents an unauthorized copy of the unencrypted software modules of the application from being made.
Monitor system 112 is used to monitor the operation of installer system 114, so as to determine if installer system 114 is going to store an unencrypted software module or software application component to non-volatile data storage 106. In one exemplary embodiment, monitor system 112 is embodied in "*.vsd" application files that have operational priority over other applications, such as "*.exe" application files. Due to hardware limitations, such as the size of dynamic data memory 104, it may be necessary for installer system 114 to store software modules or software application components to non-volatile data storage 106 prior to and during the encryption process. Monitor system 112 is operable to detect when installer system 114 is going to install such unencrypted software modules or software application components on non-volatile data storage 106, and to interrupt the operation of installer system 114. Monitor
system 112 then transfers encrypted software modules or software application components to non-volatile data storage 106 at suitable locations. For example, the encrypted software modules or software application components may be transferred from software application 110 to non-volatile data storage 106. Alternatively, the encrypted software modules may be transferred to non-volatile data storage 106 prior to activation or installation of the software application 110 on the computing platform. In this manner, monitor system 112 prevents unauthorized copying of unencrypted software modules or software application components that are stored on non-volatile data storage 106 in an unencrypted form, and forces all software modules or software application components to either be installed and encrypted in dynamic data memory 104, or to be copied from software application 110 to non-volatile data storage 106, if insufficient random access memory is available to allow the software modules to be encrypted.
FIGURE 2 is a diagram of a software application 200 in accordance with an exemplary embodiment of the present invention. Software application 200 may be stored on a suitable data storage media, such as a floppy disk, a CD-ROM, a zip disk, or other suitable media.
Software application 200 includes primary decryption system 202 and encrypted installation package 204. Encrypted installation package 204 is encrypted using a suitable encryption mechanism. For example, primary decryption system 202 may be encrypted by electronically monitoring the installation of an unprotected version of installer system 206 so that each step of installation is captured and duplicated. The unencrypted components of installer system
206 may then be replaced with encrypted components and a new installer may be built, such as installer system 206, using the procedure captured from installation of the unprotected version of installer system 206, the software modules of the unprotected version that do not require encryption, and encrypted software modules. Thus, primary decryption system 202 is an executable software application that may be copied to a non-volatile data memory and executed without the risk of unauthorized copying. Encrypted installation package 204 includes installer system 212 and unencrypted software modules 214, which are encrypted using a standard encryption technique. In this manner, encrypted installation package 204 of software application 200 must be decrypted by a suitable decryption system, such as installer system 206 of primary decryption system 202.
In operation, software application 200 is used to install a software system on a processor. Primary decryption system 202 includes a suitable safeguard mechanism that allows it to be executed on a computing platform without allowing unencrypted software modules of primary decryption system 202 to be copied. Thus, primary decryption system 202 allows installer system 206, monitor system 208, and encrypted software modules 210 to be accessible for use in installing other software components of software application 200 onto a computing platform. After activation of primary decryption system 202, installer system 206 is operable to decrypt and install the software application using encrypted installation package 204. For example, installer system 206 may operate on a nonvolatile data storage device, a processor, and a dynamic data
storage device of a computing platform. Encrypted installation package 204 may be configured to be installed on the dynamic data storage device of the computing platform, such that it may install software modules for use by the computing platform without requiring the software modules to be stored in an unencrypted format on a non-volatile data storage medium of the computing platform. Thus, installer system 206 is operable to decrypt encrypted installation package 204 such that installer system 212 and unencrypted software modules 214 are only decrypted in a dynamic data memory, such as a random access memory device of a computing platform. In this manner, the unencrypted software modules 214 of encrypted installation package 204 are not able to be intercepted as they are written to a non-volatile memory device.
During installation, installer system 212 encrypts and stores software modules on the non-volatile data memory of the computing platform. If the size of such software modules exceeds the available random access memory size, installer system 212 would be required to store such unencrypted software modules on the non-volatile data memory of the computing platform. This storage would allow such unencrypted software modules to be intercepted for duplication. In order to prevent potential unauthorized duplication, monitor system 208 is used to monitor the installation of software application 200 by installer system 212, and can detect when installer system 212 is going to store a software module to a non-volatile data memory. Monitor system 208 then interrupts the function of installer system 212, and selects the encrypted software module 210 that corresponds to the unencrypted software module that is
going to be installed on the non-volatile data memory by installer system 212. Monitor system 208 then causes this encrypted software module 210 to be transferred to the nonvolatile data memory. In this manner, only encrypted software modules are stored in a non-volatile data memory device during the installation of the software application 200.
Installer system 212 is then enabled to continue installation of the software application, and the process continues until the software application has been installed on the computing platform. Thus, installation of the software application proceeds in a manner that prevents unencrypted software modules from being written to a nonvolatile data memory, where they can be copied. FIGURE 3 is a flowchart of a method 300 for installing a software application in accordance with an exemplary embodiment of the present invention. Method 300 may be used to install an encrypted software application without requiring the software application to be modified in a manner that may cause misoperation of the software application.
Method 300 begins at 302 where a monitor system is activated. For example, the monitor system may be a software system operating on a processor, a random access memory, or non-volatile data storage device of a computing platform. The method then proceeds to 304 where an installer is decrypted and stored in a random access memory of the computing platform. For example, the installer may be a secondary installer for installing the software application that is decrypted and stored in a random access memory by a primary installer. The primary installer may be encrypted using techniques that require additional verification tests,
such that the encryption method is impractical for the software application but can be used for the general-purpose primary installer. The method then proceeds to 306.
At 306, the decrypted installer that has been stored in random access memory is executed. For example, the installer may be a secondary installer that is activated by the primary installation program, such that actual installation of the software application is performed by the secondary installer. The method then proceeds to 308. At 308, the software modules are decrypted and stored in random access memory. The software modules are used by the secondary installer to install the software application on the computing platform. The method then proceeds to 310.
At 310, the software modules are installed using the installer. For example, the installer may cause the software modules to execute so as to create functioning software application components that control hardware and software systems of the computing platform so that such hardware and software systems operate in a predetermined manner. For example, if the software application being installed is a word processing program, the software modules are installed so as to create executable software application components that will recognize keyboard commands, generate graphic displays, and perform other suitable predetermined functions. Installation of the software modules at 310 does not require storage of a software module to a non-volatile data storage device.
The method then proceeds to 312 where it is determined whether the software application component must be stored. For example, the software application component may be stored in a non-volatile data storage device of the computing
platform. If it is determined at 312 that the software application component must be stored, the method proceeds to 314 where it is determined whether the installer can encrypt the software application component in a dynamic data memory of the computing platform. For example, the random access memory may have a predetermined size or number of memory cells allocated for use by the installer. If this number of memory cells is not sufficient to hold the software application component during encryption, the installer would need to store the software application component to the nonvolatile data memory during encryption.
If it is determined at 314 that the installer can encrypt the software application component in a dynamic memory, the method proceeds to 316 where the software application component is encrypted using the installer. The method then proceeds to 318 where the encrypted software application component is installed in the non-volatile data storage device. The method then proceeds to 324 where it is determined whether additional software modules are required to be processed. If additional software modules are available, the method returns to 308. Otherwise, the method terminates at 326.
If it is determined at 314 that the software application components cannot be encrypted entirely in random access memory by the installer, the method proceeds to 320. At 320, the installer is interrupted by the monitor system. The monitor system then selects, an encrypted version of the software module or software application component, such as by receiving identifying data for the software module and selecting an encrypted version of the software module from a transportable data storage media. The encrypted software
module or software application component is then transferred directly to the non-volatile data storage device.
Alternatively, the monitor system and associated encrypted software modules or software application components may be installed on the non-volatile data storage medium during installation, such that the encrypted software modules or software application components are already stored on the non-volatile data storage media. In this exemplary embodiment, a pointer may be set to point at the previously installed encrypted software module or software application component. The method then proceeds to 322. At 322, the encrypted software module or software application component is installed using the monitor system. The method then proceeds to 324 where it is determined whether additional software modules are present.
In operation, method 300 is used to install a software application in a manner that does not require unencrypted software modules or software application components of the software application to be stored to a non-volatile data storage device. Method 300 may be implemented using an installation monitor system that can inhibit an installer from storing unencrypted software modules or software application components to a non-volatile data storage device. The monitor system is used to oversee the operation of the installer, such that if the installer attempts to write an unencrypted software module or software application component to the non-volatile data storage device, the monitor system inhibits the installer, locates a corresponding encrypted software module or software application component, and writes the encrypted software module or software application component to the non-volatile data storage device.
FIGURE 4 is a flowchart of a method 400 for assembling a software application for distribution in accordance with an exemplary embodiment of the present invention. Method 400 may be used to package software applications for mass distribution in a manner that does not require modification to the software application installation system in order to prevent unencrypted versions of software modules or software system components from being stored on non-volatile data storage devices. Method 400 begins at 402 where installation of the software application from a software installation program is initiated. For example, a software installation program may install the software application on a computing platform. The software installation program and software application could be readily copied if they are not protected by a suitable encryption system. The software installation program is initiated at 402 for monitoring of installation processes, so that a suitable encryption technique and process can be developed for the software installation. . After initiation of the software installation program at 402, the method proceeds to 404 where monitoring of the software system installation is initiated. For example, as the software system installation progresses, software application components may be generated in a dynamic data memory and stored to a non-volatile data storage device. These software application components may comprise system- specific software application components that must be encrypted after installation, if at all, and general application software modules that may be encrypted prior to distribution. The installation process is monitored to detect the generation of such software modules and software
application components that may be encrypted prior to distribution. The method then proceeds to 406 where it is determined whether encryption of these software modules or software application components in the dynamic data memory is possible.
For example, software application components may be small enough to be encrypted in a dynamic data memory of the computing platform. In this case, the unencrypted software application component will not be written to a non-volatile data memory during installation, and does not need to be encrypted for subsequent installation. Likewise, other software modules or software application components such as audiovisual data, graphics data, or other suitable data modules may be encrypted prior to subsequent installation of the software module on a computing platform. If such software modules or software system components are incapable of being encrypted in memory, the method proceeds to 408.
At 408, the software modules or software application components are encrypted and the method proceeds to 410 where the modules are stored for monitored installation. The method then proceeds to 412 where it is determined whether additional software modules must be encrypted. If additional software modules are available, the method returns to 404. Otherwise, the method proceeds to 414. At 414, the installer and software modules are encrypted for mass distribution.
For example, installation of the software application may be accomplished by a master installer that decrypts the encrypted installer and software modules in predetermined blocks, such that the installer and software modules are only in a decrypted state while in a dynamic data memory. The master installer may include a monitor system that tracks the
installation of the software application, and encrypted software modules that will be transferred directly to the non-volatile data memory of the computing platform when the installer attempts to install an unencrypted version of the software module to the non-volatile data memory. The master installer may be encrypted using alternate methods, as it may be easily modified for use with the installation of different software applications and is therefore not subject to the operational constraints imposed on the software application that is being distributed.
In operation, method 400 is used to prepare a software application for mass distribution in a manner that allows the software application to be encrypted but which does not require unencrypted software modules of the software application to be written to a non-volatile data memory. In addition, method 400 does not require the software application to be modified for mass distribution in a manner that would require the operation of the software application to be re-verified. Instead, the software application is executed in dynamic memory, and is monitored to determine whether software modules will be written to a non-volatile data memory during installation. The installation program is inhibited from installing such software modules, and the master installer replaces them with the encrypted software modules.
Although preferred and exemplary embodiments of a system for inspecting components that have been sealed in a packing material have been described in detail herein, those skilled in the art will also recognize that various substitutions and modifications may be made to the systems and methods without departing from the scope and spirit of the appended claims .
Claims
1. A system for installing software on a computing platform comprising: a primary installer; and an encrypted secondary installer, wherein the primary installer is operable to decrypt the secondary installer and to cause the secondary installer to operate in a dynamic memory.
2. The system of claim 1 wherein the primary installer further comprises a monitor system, wherein the monitor system is operable to inhibit the secondary installer from installing an unencrypted software module to a non-volatile memory.
3. The system of claim 1 wherein the primary installer further comprises one or more encrypted software modules.
4. The system of claim 1 wherein the primary installer further comprises: one or more encrypted software modules; and a monitor system, wherein the monitor system is operable to inhibit the secondary installer from installing an unencrypted software module to a non-volatile memory, and to install one of the corresponding encrypted software modules in place of the unencrypted software module.
5. The system of claim 1 wherein the encrypted secondary installer further comprises one or more unencrypted software modules, and the installer is operable to encrypt the one or more unencrypted software modules .
6. The system of claim 1 wherein the primary installer and the encrypted secondary installer are both implemented in executable code on a transportable data storage media.
7. The system of claim 1 wherein the primary installer has been installed on a computing platform and the encrypted secondary installer has been decrypted and is operating in a dynamic memory of the computing platform.
8. A method for installing a software application comprising: installing a primary installer; using the primary installer to decrypt a secondary installer; using the primary installer to cause the decrypted secondary installer to operate in a dynamic memory; and using the secondary installer to encrypt the software application prior to installing the software application.
9. The method of claim 8 wherein installing the primary installer comprises: executing the primary installer from a transportable data storage media; and installing the primary installer into a dynamic memory and a non-volatile memory.
10. The method of claim 8 wherein using the primary installer to decrypt the secondary installer comprises: reading the encrypted secondary installer into the dynamic memory; and decrypting the secondary installer in the dynamic memory.
11. The method of claim 8 wherein using the secondary installer to encrypt the software application prior to installing the software application comprises: decrypting one or more software modules; using the secondary installer to install the one or more software modules; and encrypting the one or more software modules prior to saving them in a non-volatile memory.
12. The method of claim 8 wherein using the secondary installer to encrypt the software application prior to installing the software application comprises: monitoring the secondary installer to determine whether it is going to store an unencrypted software module in a nonvolatile memory; interrupting the secondary installer before the unencrypted software module is stored in the non-volatile memory; and storing an encrypted software module in the non-volatile memory using the primary installer.
13. The method of claim 12 wherein storing the encrypted software module in the non-volatile memory using the primary installer comprises transferring the encrypted software module from the primary installer to a non-volatile memory.
14. A method for protecting a software application comprising: running an installation program from a dynamic memory; monitoring the execution of the program to determine whether one or more software modules are stored in non-volatile memory prior to being encrypted; and storing the encrypted one or more software modules for use when installing a protected version of the software application.
15. The method of claim 14 further comprising encrypting the installation program.
16. The method of claim 14 further comprising: encrypting the installation program; and distributing the encrypted installation program and the encrypted software modules with a primary installer that is operable to decrypt the encrypted installation program and to cause the installation program to execute in another dynamic memory.
17. The method of claim 16 further comprising:
, monitoring the operation of the installation program; interrupting the operation of the installation program if the installation program if it is determined that the installation program is going to store an unencrypted software module in another non-volatile memory; and installing a corresponding encrypted software module to the other non-volatile memory.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| AU2001278201A AU2001278201A1 (en) | 2000-08-03 | 2001-08-03 | Encryption system and method |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US63150700A | 2000-08-03 | 2000-08-03 | |
| US09/631,507 | 2000-08-03 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2002013017A1 true WO2002013017A1 (en) | 2002-02-14 |
Family
ID=24531502
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/US2001/041555 WO2002013017A1 (en) | 2000-08-03 | 2001-08-03 | Encryption system and method |
Country Status (2)
| Country | Link |
|---|---|
| AU (1) | AU2001278201A1 (en) |
| WO (1) | WO2002013017A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1499965A1 (en) * | 2002-04-16 | 2005-01-26 | Camms Global Technologies (IP) Pty Ltd. | Data collection system using remotely configurable scripting |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5745568A (en) * | 1995-09-15 | 1998-04-28 | Dell Usa, L.P. | Method of securing CD-ROM data for retrieval by one machine |
| US6006190A (en) * | 1997-04-28 | 1999-12-21 | Tartaroukos Llc | Computer implemented method and a computer system for enforcing software licenses |
| US6223288B1 (en) * | 1998-05-22 | 2001-04-24 | Protexis Inc. | System for persistently encrypting critical software file to prevent installation of software program on unauthorized computers |
-
2001
- 2001-08-03 AU AU2001278201A patent/AU2001278201A1/en not_active Abandoned
- 2001-08-03 WO PCT/US2001/041555 patent/WO2002013017A1/en active Application Filing
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5745568A (en) * | 1995-09-15 | 1998-04-28 | Dell Usa, L.P. | Method of securing CD-ROM data for retrieval by one machine |
| US6006190A (en) * | 1997-04-28 | 1999-12-21 | Tartaroukos Llc | Computer implemented method and a computer system for enforcing software licenses |
| US6223288B1 (en) * | 1998-05-22 | 2001-04-24 | Protexis Inc. | System for persistently encrypting critical software file to prevent installation of software program on unauthorized computers |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1499965A1 (en) * | 2002-04-16 | 2005-01-26 | Camms Global Technologies (IP) Pty Ltd. | Data collection system using remotely configurable scripting |
| EP1499965A4 (en) * | 2002-04-16 | 2007-08-29 | Camms Global Technologies Ip P | Data collection system using remotely configurable scripting |
Also Published As
| Publication number | Publication date |
|---|---|
| AU2001278201A1 (en) | 2002-02-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US4847902A (en) | Digital computer system for executing encrypted programs | |
| US6185686B1 (en) | Computer system and process for accessing an encrypted and self-decrypting digital information product while restricting access to decrypted digital information | |
| US6006190A (en) | Computer implemented method and a computer system for enforcing software licenses | |
| US6868495B1 (en) | One-time pad Encryption key Distribution | |
| US5530752A (en) | Systems and methods for protecting software from unlicensed copying and use | |
| CN100449558C (en) | Sleep protection | |
| KR101054318B1 (en) | Computer-readable media recording information processing systems and programs | |
| EP1084549B1 (en) | Method of controlling usage of software components | |
| EP1396778B1 (en) | Semiconductor device including encryption section, semiconductor device including external interface, and content reproduction method | |
| CN102171704B (en) | External encryption and recovery management with hardware encrypted storage devices | |
| KR100281869B1 (en) | Personal computer with security function, security method thereof and installation and removal method thereof | |
| KR101081118B1 (en) | System and method for securely restoring a program context from a shared memory | |
| WO1998011690A9 (en) | Self-decrypting digital information system and method | |
| US20060143505A1 (en) | Method of providing data security between raid controller and disk drives | |
| US20090037721A1 (en) | Program development method, program development supporting system, and program installation method | |
| EP0266748B1 (en) | A software protection system using a single-key cryptosystem, a hardware-based authorization system and a secure coprocessor | |
| CA2292041A1 (en) | Software program protection mechanism | |
| JP4568489B2 (en) | Program protection method, program protection program, and program protection apparatus | |
| JP4767129B2 (en) | OS switching device and OS switching method | |
| US8972745B2 (en) | Secure data handling in a computer system | |
| EP1440369B1 (en) | Software loading | |
| WO2002013017A1 (en) | Encryption system and method | |
| CN101504708A (en) | Computer security apparatus and method | |
| JP2002244757A (en) | Semiconductor circuit | |
| JP4120702B2 (en) | Information processing system and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW |
|
| AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
| REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
| 32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: COMMUNICATION UNDER RULE 69 EPC (EPO FORM 1205A DATED 16.04.2003) |
|
| 122 | Ep: pct application non-entry in european phase | ||
| NENP | Non-entry into the national phase |
Ref country code: JP |