The invention relates to software licensing, security and authentication, and in particular, method and system for location-driven software licensing.
There is an ever-increasing demand for security in the current digital age. In particular, companies, such as software licensors, regard the protection of software as an important priority. For example, avoiding exploitation of software on a computer can recover lost profits for the software author. However, licensing schemes, especially those using multi-factor authentication, are often intrusive and burdensome to the user experience. Accordingly, it has been difficult to identify a means to avoid exploitation without putting an undue burden on the user experience.
Embodiments of the invention include a method for enabling location based licensure of software. The method beginning with first periodically determining the location of a device having software. Then, generating a license policy for the software, the license policy differentiating between a plurality of defined spatial regions for which licensure of the software is available and wherein the device is licensed to execute the software in at least a first defined spatial region. Next enforcing the license policy such that the device is not enabled to execute the software if the device is located in one of the defined spatial regions that has not been licensed to execute the software according to the license policy.
Later, there is acknowledgement that the device had left the first defined spatial region and entered a second spatial region. When the device leaves a licensed region, executing the software is disabled and the user of the device is prompted to purchase an amendment to the license policy such that the device is licensed to execute the software in the second defined spatial region. Finally, if the user purchased an amendment to the license policy, enforcement at least partially enables the software to execute on the device if the user purchased the amendment.
Another embodiment of the invention includes a system for enabling location based licensure. The system includes a license specification. The license specification manages a licensure policy for digital goods stored on a device, wherein the licensure policy includes predetermined terms and conditions and with personal predetermined rights for the execution of the digital goods on the device, said predetermined terms and conditions including a defined spatial region in which the digital goods are licensed to execute. The system further includes a license enforcement module. The license enforcement module stored on the device and for enforcing the licensure policy upon the digital goods.
Enforcement of the licensure policy includes at least partially enabling the digital goods according to personal predetermined rights while the device is located in the defined spatial region. The enforcement further entails disabling the digital goods according to personal predetermined rights while the device is located outside of the defined spatial region. The system also includes a location receiver communicatively coupled to the license enforcement module and for periodically providing the license enforcement module with location data for the device, the location data obtained from one or more sensors in communication with the device.
Brief definitions of terms, abbreviations, and phrases used throughout this application are given below.
For purposes of this disclosure the terms “software,” “licensable software,” and “digital goods” refer to applications, documents, executable code, programs, and records which are subject to licensing agreements.
For the purposes of this disclosure, the term “heartbeat” or “heartbeat check” as relating to software licensing refers to the act of checking on a key element of a license scheme periodically at predetermined intervals.
For purposes of this disclosure, the term “planned obsolescence” as relating to license codes refers to a license code which is only functional for a predetermined period of time. Embodiments of planned obsolescence comprise licensing where a different license code is required at each heartbeat check.
Token Based Licensing of Digital Goods
In embodiments of the invention a user brings a token within a proximity of a computer, and software on that computer is licensed to execute in a determined manner. Similarly, should the user take the token out of the proximity of the computer, the software is no longer licensed and may not execute in the previously enabled manner. Embodiments of this invention are optionally used as a sole enabling factor for software licensure, or as one factor in a multi-factor authentication (MFA) scheme.
The device 2 includes a device memory 4 containing operating software 6 and an license ID 8. The operating software 6 comprises of instructions and rules of the operation of the device 2. The license ID 8 is a unique identifier held by the device. The license ID 8 comes in multiple formats and is taught in additional detail below. The device 2 also includes a battery 10 and a wireless radio 12. These components transmit data and power as necessary through a device BUS 14. Those skilled in the art will realize a similar device is not limited to those components shown in
In embodiments of the invention, wireless radio 12 comprises and of a Bluetooth communicator, a near-field communicator, a WiFi communicator, or any other suitable limited range, wireless communication method known in the art. The wireless radio 12 establishes communication with a computer 16.
The computer 16 includes, among other things, a CPU 18, a user interface 20, a power source 22, a computer memory 24, a network interface 26 for connecting to the Internet and a computer wireless radio 28 for connecting to the device 2. The computer wireless radio 28 is not be necessary if the device 2 uses a wireless communication protocol similar to the means the computer 16 uses to communicate with the Internet. In that case, the network interface 26 alone is sufficient. These components transmit data and power as necessary through a computer BUS 30. Those skilled in the art will realize a computer is not limited to those components shown in
The computer memory 24 contains a few elements, those elements including, software 32, a license specification 34 and a license enforcement module 36. The software 32 is a computer program in which an author or user wants to regulate execution or access. The license specification 34 contains licensing information pertaining to the software 32 to be regulated. This information includes the name of the software, the version number, the number of copies (or instances) that have instructions that indicate are licensed, authentication information, and any other suitable metadata pertaining to how the software 32 is regulated. Some embodiments include the names of the parties who are licensed to execute or use the software 32. The license enforcement module 36 implements the logic in the license specification 34. The license enforcement module 36 also optionally verifies the authenticity of the license ID 8 of the device 2.
In some embodiments the software modules of
The license ID 8 comes in multiple formats. Embodiments of the license ID 8 are a device ID. Examples of a device ID are any of serial numbers, MAC addresses, or other permanent to semi-permanent unique identifiers. Other embodiments of the license ID 8 are a software license key. Still other embodiments of the license ID 8 are an arbitrary code.
Another embodiment of the invention comprise a license ID 8 which is a morphing token. The morphing token receives periodic instructions to change in some manner. Without periodic instructions the morphing token either becomes outdated or obsolete (for lack of morphing instructions), or self-delete or self-mutilate. The periodic instructions are included on the device 2, in the operating software 6, or come from the Internet.
The device 2 is next placed in proximity to a computer 16 including licensable software (204). The device 2 establishes a connection with the computer 16 (206). In some embodiments, multiple computers connect to the device 2 simultaneously. As an example, Bluetooth range is generally 10 meters, so as many computers 16 as fit within 10 meters connect to the device 2. Different wireless radios have varying ranges. If the wireless protocol is WiFi, there is 20-30 meters of range in which computers 16 connect to the device 2.
Once connected (208), the device 2 provides the license ID 8 to the connected computer 16 (210). Optionally, the computer 16 first requests the license ID 8 from the device 2 before the device 2 provides the license ID 8 to the computer 16. The computer 16, and software modules thereon, then use the license ID 8 as directed by other elements of the invention. After a given time elapses (212), the system again checks if the device 2 is still connected to the computer 16 (208). This check occurs using a heartbeat monitoring feature. If the connection persists, the license ID 8 remains with the computer 16 (210). If the connection has ended, the license ID 8 is revoked (214).
Revocation of the license ID 8 occurs in a variety of ways. In an embodiment the license ID 8 is revoked by the computer 16, or one of the software modules thereon, using instructions to delete the license ID 8 should the connection to the device 2 break. Another method to revoke the license ID 8 is to have the license ID 8 self-delete if the license ID 8 does not receive outside input instructing preservation. A third method of revoking the license ID 8 is for the license ID 8 to consistently change to function, and to cease changing when the connection between the device 2 and the computer 16 is broken.
As mentioned above, this method works while the device 2 is connected to a plurality of computers 16. In some embodiments, there are no additional verification steps before licensure of digital goods occurs. As an illustrative example, a teacher who carried a device 2 walks into a classroom where the device establishes connections with all of the student's computers 16, and the software on the student's computer's 16 is licensed to operate. Once the teacher, and by extension the device 2, left the classroom, the student's computers 16 no longer execute the software.
In another illustrative example, a system administrator who carries the device 2 roams a business freely, and when the administrator with the device 2 came within range of a computer 16 or group of computers 16, additional software features activate on those computers 16. When the administrator went to a different section of the business the software features deactivate.
Alternatively, in other embodiments, it is preferred for the device 2 to act as a single factor in a MFA scheme. In an illustrative example, a user walks into an Internet café carrying a device 2. All the computers 16 in the internet café become primed, but no software is licensed until the user enters in additional input such as any other suitable MFA factor known in the art, or disclosed herein. The software then remains licensed and operational until the user leaves the café and the device 2 leaves proximity with the computers 16 in the café.
The license enforcement module 36 then verifies the authenticity of the license ID 8 (408). Given a valid license ID 8, the license specification 34 provides new logic to the license enforcement module 36 (410). The license enforcement module 36 then enforces the new logic on the software 32 (412). The license enforcement module additionally monitors the connection between the device 2 and the computer 16 as disclosed above (414). Should the connection between the device 2 and the computer 16 break, the license enforcement module 36 deletes the license ID 8 and enforce the original logic (416).
The device 2 is next placed in proximity to a computer 16 including licensable software (504). The device 2 establishes a connection with the computer 16 (506). In some embodiments, multiple computers connect to the device 2 simultaneously. As an example, Bluetooth range is generally 10 meters, so as many computers 16 as fit within 10 meters connect to the device 2. Different wireless radios have varying ranges. If the wireless protocol is WiFi, there is 20-30 meters of range in which computers 16 connect to the device 2. If the wireless protocol is near-field communication (NFC), there is less than a foot of range in which computers 16 connect to the device 2. Other examples include cellular protocol.
Once connected, the device 2 provides the unique ID 38 to the connected computer 16, which in turn provides the unique ID 38 to a cloud server 40 (508). Optionally, the computer 16 first requests the unique ID 38 from the device 2 before the device 2 provides the unique 38 ID 8 to the computer 16. The cloud server 40 then authenticates the unique ID 38 as the unique ID 38 pertains to software licensure and provides the computer with a license key 42 (510). The license key 42 enables the licensed software on the computer to perform according to a predetermined licensing scheme. After a given time elapses (514), the system checks again if the device 2 is still connected to the computer 16 (512). This check occurs using a heartbeat type monitoring feature. If the connection persists, the license key 42 remains with the computer 16 until the next check (512). If the connection has ended, the license key 42 is revoked (516).
Revocation of the license key 42 may occur in a variety of ways. In an embodiment the license ID 8 is revoked by the computer 16, or one of the software modules thereon, having instructions to delete the license key 42 should the connection to the device 2 break. Alternatively, the cloud server 40 issues instructions to the computer 16 to delete the license key 42. Another embodiment uses a morphing license key, having properties similar to the morphing token discussed above.
As mentioned above, this method works while the device 2 is connected to a plurality of computers 16. While connected to a cloud server 40, there are additional controls to the distribution of license keys 42. In an embodiment of the invention, the cloud server 40 only distributes a fixed number of keys at a time, or depends on another variable or factor before issuing a license key 42. Use of a distributed system with a cloud server 42 gives additional controls against exploitation because software activation or licensure is not dependent on the device 2 alone Despite the additional controls there is no additional interruption to the user of the digital good.
In an illustrative example, a new student walks into a university library carrying the device 2 which has the new student's student ID encoded therein. When the new student approaches a bank of computers 16, the device 2 connects to the computers 16 and transmits the student's ID to each of the computers 16. The student selects a computer 16 and attempts to use licensed software, the software, then unlicensed, contacts the cloud server 40 with the new student's unique ID 38, as well as the unique ID's 38 of other old students in the vicinity. The cloud server 40 knows that license keys 42 have been issued to all previous unique ID's 38 and the only new ID is that of the new student, so the cloud server 40 issues a license key 42 to the computer 16 that the new student has chosen. The software is then licensed to operate according to given parameters. When the student leaves the library, the cloud server 40 revokes the license key 42, or cause the license key 42 to be inoperable.
This illustration creates conditions for cases of harassment or exploitation where a malicious actor acquires the license key 42 associated with the new student before the new student was able. In such cases additional factors in a MFA scheme, such as a log on password, biometric authentication, or other challenge/response systems are inserted to prevent harassment.
In other illustrations the cloud server provides other types of regulation depending on numerous factors combined with the device's unique ID 38 including identification of the computer 16 paired with the device 2, the location of the computer 16, the Internet network the computer 16 was on, or any other suitable MFA factor known in the art. The differing types of regulation include issuing license keys 42 with differing permissions, or license keys 42 that enable differing digital goods.
To begin, the hot-spot device 44 is placed in proximity to a computer 16 including licensable software (702). The computer 16 then establishes a connection with the hot-spot device 44, and subsequently the Internet (704). In an embodiment of the invention, multiple computers simultaneously connect to the hot-spot device 44. The computers 16 connect to the hot-spot device 44 as either an unsecured signal, or with a password. The hot-spot device 44 then retrieves a license key 42 from a cloud server 40 (706). The cloud server 40 is enabled to provide similar regulation to the licensed key distribution as disclosed above.
Once connected (708), the device 2 provides the license key 42 to the connected computer 16 (710). Optionally, the computer 16 first requests the license key 42 from the device 2 before the device 2 provides the license key 42 to the computer 16. The computer 16, and software modules thereon, then use the license ID 8 as directed by other elements of the invention. After a given time elapses (712), the system checks again if the device 2 is still connected to the computer 16 (708). This check occurs using a heartbeat type monitoring feature. If the connection persists, the license key 42 remains with the computer 16 (710). If the connection has ended, the license key 42 is revoked (714).
Variations on the license ID 8 include implementations of executable code. Such executable code is used to provide additional features to software 32 running on a computer 16, or even complete software modules. In use, a user comes within proximity to a computer 16 and licensed software or software features is enabled on the computer 16. When the user leaves, the software or the features are deleted. The software or features are transmitted over the wireless connection between the device 2 and the computer 16. The transmission of software or features is by streaming or uploading/downloading. The revocation of the transmitted software or software features is performed as revocation of license materials is described above.
Location-Based Licensing of Digital Goods
In embodiments of this invention, a user brings a device intended to operate certain software to a specific place or region, and software on that device is licensed to execute in a determined manner. Similarly, should the user take the device out of the place or region, the software is no longer licensed and does not execute in the previously enabled manner. Embodiments of this invention are used as a sole enabling factor for software licensure, or as one factor in a multi-factor authentication (MFA) scheme.
Regions are defined in numerous ways. A first method is to create boundaries referring to a plurality of GPS coordinates. Another method is to give a single set of GPS coordinates and provide an acceptable range from that point. Mapped borders additionally are determined vertically by an altimeter. A third method to define regions is through national, municipal, or otherwise sovereign borders. A fourth method to define a region is with a geo-fence. Alternatively, a region is determined by reference to recognizable features (such as a road, or a building perimeter) or any other suitable method known to define property lines. Defining a region is distinct from determining the location of a location aware computer 46.
For example, while an embodiment of a location aware computer 46 determines location through cell phone tower triangulation, that location has corresponding GPS coordinates, even if a GPS device was not used to determine the location. Cross-referencing the location information with the region boundaries enables the method of invention to perform step 1006.
Numerous examples including regions A and B follow. “Region A” and “Region B” are to remain undefined; though, for illustrative purposes, each region is characterized in multiple inconsistent ways to provide examples. While binary region examples are provided, the invention functions with a plurality of regions beyond the first two.
The license specification 34 contains details concerning how to treat various regions. For example, in one embodiment, certain software 32 is only be licensed while accessed in a certain office (Region A). If a user attempted to operate the software 32 from a location aware computer 46 outside of the office's parking lot (Region B), the software is not licensed, and does not execute. Enforcing the license scheme between inside the office's parking lot (A) and outside of the office's parking lot (B) is carried out by the license enforcement module 36. In use, a user activates the software 32 inside the office parking lot (A) where the license enforcement module 36 enables the software 32. As the user carries the location aware computer 46 out of the office parking lot (B), the software 32 becomes unlicensed and cease to function as previous.
Sometimes, licensure of software is not focused on monetization, but rather, enforcement of regulatory compliance of local laws. In another example, certain encryption functions are licensed in a first country (A), but unlicensed in a second country (B) in order to comply with local laws. In this example, a user in a vehicle activates the encryption feature. As the vehicle crosses the border between first (A) and second (B) country the location aware computer 46 encounters a geo-fence or determine using a location sensor 48 that a national border is being been crossed. The encryption feature is then unlicensed and terminates operation.
Referring now to
Licensed software becomes enabled by the license enforcement module 36 (1210). With continued use of the software 32 (1210), a heartbeat location check or event monitor continuously directs the license enforcement module 36 to check the location of the location aware computer 46 (1214).
As an illustrative example, in travelling between a first country (A) and a second country (B), software 32 existing on the location aware computer 46 is only licensed for the first country (A). It is common for software licenses between two countries to have differing prices. Accordingly, a software author may not want a cheaper license to be effective where licenses are more expensive.
Upon leaving the first country (A) the license enforcement module 36 terminates software operation. However, upon entering another country wherein licenses are purchasable, such as the second country (B), the license enforcement module 36 prompts a user of the location aware computer 46 that the user is invited to purchase an additional or temporary license for the second country (B). Or, in another embodiment of the invention, if there is a price difference between the countries, the license enforcement module 36 requires that the user pay the difference. Upon purchasing a license for the second country, which is recorded in the license specification 34, the software 32 is licensed in the second country (B) and operates as normal.
In another illustrative example, a fisherman who is licensed to fish in a given region of water (A) has an operational license for fish finding software. Should the fisherman move to a second region of water (B), the software may prompt the fisherman to purchase an additional license for the software. In this way, multiple regions within the same national borders offer differing licenses from one region to the next.
Although the invention is described herein with reference to the preferred embodiment, one skilled in the art will readily appreciate that other applications may be substituted for those set forth herein without departing from the spirit and scope of the present invention. Accordingly, the invention should only be limited by the Claims included below.