Abstract
Most organisations have recently converted their physical assets into digital forms. This underlines the needs to have different types of software products to manage such information, and raises security concerns for protecting software products from being illegally used in organisations. This paper proposes a licence management solution that protects software products from being illegally used. The proposed scheme is based on dividing an organisation devices into dynamic domains, each of which is bound to a single software product. Each dynamic domain has a predefined number of devices that can use the dynamic domain-specific software product. This number is specified by the software provider and is stored in the software licence file. In this case a software product can be installed on multiple devices, and a device can possess multiple software products by joining multiple dynamic domains. The proposed mechanism ensures that the number of used copies of software product does not exceed the limit that is agreed with the software provider.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
spoofing hostids, 2005. http://blogs.sun.com/relling/entry/spoofing hostids.
Spoofing time and space with DTrace, 2005. http://blogs.sun.com/relling/entry/spoofing time
Imad Abbadi. Digital asset protection in personal private networks. In 8th International Symposium on Systems and Information Security (SSI 2006), Sao Jose dos Campos, Sao Paulo, Brazil, November 2006.
Imad Abbadi. Digital rights management using a master control device. In I. Cervesato, editor, ASIAN ’07: Proceedings of the 12th Annual Asian Computing Science Conference Focusing on Computer and Network Security, volume 4846 of Lecture Notes in Computer Science, pages 126–141. Springer-Verlag, Berlin, December 2007.
BSA and IDC Global Software. 2005 piracy study, 2005. http://www.bsa.org.
Natali Helberger, Nicole Dufft, Stef van Gompel, Kristof Kerenyi, Bettina Krings, Rik Lambers, Carsten Orwat, and Ulrich Riehm. Digital rights management and consumer acceptability. Technical report, DG Information Society, December 2004. http://www.indicare.org/soareport.
International Organization for Standardization. ISO/IEC 9798-3, Information technology —Security techniques — Entity authentication — Part 3: Mechanisms using digital signature techniques, 2nd edition, 1998.
M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams. X.509 Internet Public Key Infrastructure Online Certificate Status Protocol — OCSP. RFC 2560, Internet Engineering Task Force, June 1999.
Oracle, 2007. http://www.oracle.com.
A. Sadeghi. Trusted computing — special aspects and challenges. In V. Geffert et al., editor, SOFSEM, volume 4910 of Lecture Notes in Computer Science, pages 98–117. Springer-Verlag, Berlin, 2008.
A. Sadeghi, M. Wolf1, C. Stble, N. Asokan, and J. Ekberg. Enabling fairer digital rights management with trusted computing. In J. Garay et al., editor, Information Security, 10th International Conference, volume 4779 of Lecture Notes in Computer Science, pages 53–70. Springer-Verlag, Berlin, 2007.
Sun Microsystems Inc. Licensing center, 2007. http://www.sun.com/software/licensingcenter/.
Trusted Computing Group. TPM Main, Part 1, Design Principles. Specification version 1.2 Revision 94, 2006.
Trusted Computing Group. TPM Main, Part 2, TPM Structures. Specification version 1.2 Revision 94, 2006.
Weblogic, 2007. http://www.bea.com.
Wikipedia. Dongle, 2007. http://en.wikipedia.org/wiki/Dongle.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Alawneh, M., Abbadi, I.M. (2008). Software Licence Protection and Management for Organisations. In: Jajodia, S., Samarati, P., Cimato, S. (eds) Proceedings of The Ifip Tc 11 23rd International Information Security Conference. SEC 2008. IFIP – The International Federation for Information Processing, vol 278. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-09699-5_33
Download citation
DOI: https://doi.org/10.1007/978-0-387-09699-5_33
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-09698-8
Online ISBN: 978-0-387-09699-5
eBook Packages: Computer ScienceComputer Science (R0)