TWI617938B - Device of licensing program, device of purchasing program and method of licensing program thereof - Google Patents
Device of licensing program, device of purchasing program and method of licensing program thereof Download PDFInfo
- Publication number
- TWI617938B TWI617938B TW102123718A TW102123718A TWI617938B TW I617938 B TWI617938 B TW I617938B TW 102123718 A TW102123718 A TW 102123718A TW 102123718 A TW102123718 A TW 102123718A TW I617938 B TWI617938 B TW I617938B
- Authority
- TW
- Taiwan
- Prior art keywords
- authorization verification
- authorization
- operating system
- application
- program
- Prior art date
Links
Landscapes
- Storage Device Security (AREA)
- Stored Programmes (AREA)
Abstract
本發明提出一種授權一程式的裝置,該程式包含一標頭,該裝置包含一儲存裝置、一檔案系統、一作業系統、以及一授權驗證元件。該作業系統接收一啟動程式指令並啟動該程式,並將該標頭儲存至該儲存裝置中以供該作業系統讀取該標頭。該授權驗證元件中斷該作業系統將該程式載入一隨機存取記憶體中執行,並與該作業系統或一遠端伺服器配合,以進行一授權驗證。其中當該授權驗證通過後,該授權驗證元件允許該程式繼續載入該隨機存取記憶體中執行。 The present invention provides a device for authorizing a program, the program comprising a header, the device comprising a storage device, a file system, an operating system, and an authorization verification component. The operating system receives an activation program command and starts the program, and stores the header in the storage device for the operating system to read the header. The authorization verification component interrupts the operating system to load the program into a random access memory and cooperates with the operating system or a remote server to perform an authorization verification. When the authorization verification is passed, the authorization verification component allows the program to continue to load the random access memory for execution.
Description
本發明是關於授權一程式的方法,特別是關於雲端授權一程式的方法。 The present invention relates to a method of authorizing a program, and more particularly to a method of authorizing a program in the cloud.
雲端儲存是指網路線上資料儲存的模式,即把資料存放在通常由第三方代管的多台虛擬伺服器,而非專屬的伺服器上。資料中心營運商根據客戶的需求,在後端準備儲存虛擬化的資源,並將其以儲存資源池(storage pool)的方式提供,客戶便可自行使用此儲存資源池來存放檔案或物件。雲端運算是一種基於網際網路的運算方式,透過這種方式,共享的軟硬體資源和訊息可以按需求提供給電腦和其他裝置。雲端運算描述了一種基於網際網路的新的資訊科技(IT)服務增加、使用和交付模式,通常涉及透過網際網路來提供動態交易擴充功能而且經常是虛擬化的資源,使用者能夠存取服務軟體及資料,服務提供者則維護基礎設施及平臺以維持服務正常運作,服務提供者所提供的服務或軟體常被稱為「隨選軟體」,並且通常是基於使用時數來收費,使用者只需具備低複雜度的軟硬體設備即可使用這些服務,這樣可節省企業的成本。由於應用程式是集中供應的,更新可以即時的發佈,無需使用者手動更新或是安裝新的軟體。因此,雲端運算使得企業能夠更迅速的部署應用程式,並降低管理的複雜度及維護成本,及允許IT資源的迅速重新分配以因應企業需求的快速改變。 Cloud storage refers to the mode of data storage on the network, that is, the data is stored in multiple virtual servers that are usually hosted by third parties, rather than dedicated servers. According to the customer's needs, the data center operator prepares to store the virtualized resources on the back end and provides them in a storage pool. The storage resources pool can be used by the customer to store files or objects. Cloud computing is an Internet-based computing method in which shared software and hardware resources and messages can be provided to computers and other devices on demand. Cloud computing describes a new Internet-based information technology (IT) service addition, usage, and delivery model that typically involves providing dynamic transaction extensions over the Internet and often virtualized resources that users can access. Service software and information, service providers maintain infrastructure and platforms to maintain normal service operations. Services or software provided by service providers are often referred to as "on-demand software" and are usually charged based on hours of use. These services can be used only with low-complexity hardware and software devices, which saves the cost of the enterprise. Since the application is centrally available, updates can be released instantly, without the need for users to manually update or install new software. As a result, cloud computing enables organizations to deploy applications more quickly, reduce management complexity and maintenance costs, and allow rapid redistribution of IT resources to respond to rapid changes in business needs.
雲端的概念對於使用者或企業的好處在於其無須購置各類具有強大處理效能的硬體設備和軟體,這些硬體設備的維護和軟體的更新都交由服務商來進行,使用者或企業則是盡量將硬體設備和軟體「虛擬化」。然而,不論是使用者或是企業用戶在購買軟體後會取得序號,在安裝軟體時或啟動程式後輸入序號需經過驗證後才能使用該軟體,一般而言使用者在購買軟體後須等待Email收信取得序號或是經由實體商店取得序號,需要數分鐘到數天不等的等待時間,且有序號產生器來破解序號或是破解軟體驗證機制等動作,亦容易產生盜版的問題。 The concept of the cloud is beneficial to users or enterprises. It does not need to purchase all kinds of hardware devices and software with powerful processing performance. The maintenance and software update of these hardware devices are carried out by the service provider, and the user or enterprise It is to "virtualize" hardware devices and software as much as possible. However, whether the user or the enterprise user obtains the serial number after purchasing the software, the software can be used only after the software is installed or after the program is started, and the user must wait for the email to be collected after purchasing the software. If the letter obtains the serial number or obtains the serial number through the physical store, it takes several minutes to several days to wait for the waiting time, and there is a sequence number generator to crack the serial number or crack the software verification mechanism, etc., and it is easy to cause piracy.
請參閱第一圖,其為習用授權一程式的流程的示意圖。步驟S101,用戶端系統接收啟動應用程式指令。步驟S102,用戶端系統將應用程式載入記憶體中,記憶體可包含硬碟或隨機動態存取記憶體(RAM),應用程式可透過網路從服務端的伺服器先下載到用戶端系統的硬碟,再從硬碟將該應用程式載入到RAM以供執行。應用程式也可以直接從企業內部檔案伺服器載入到用戶端系統的RAM中直接執行。步驟S103,應用程式判斷是否通過授權,若有授權則進入步驟S104,若未通過授權則進入步驟S105。步驟S104,執行應用程式。步驟S105,應用程式要求使用者輸入驗證碼,當驗證成功時,進入步驟S104;當驗證失敗時,進入步驟S106。在步驟S105執行應用程式完畢後或驗證失敗後,則進入步驟S106,結束該程式的流程。 Please refer to the first figure, which is a schematic diagram of the process of the custom authorization program. In step S101, the client system receives the launch application command. Step S102, the client system loads the application into the memory, and the memory may include a hard disk or a random dynamic access memory (RAM), and the application can be downloaded from the server of the server to the client system through the network. The hard drive then loads the application from the hard drive into RAM for execution. The application can also be directly executed from the internal file server of the enterprise and loaded into the RAM of the client system. In step S103, the application determines whether the authorization is passed. If there is authorization, the process proceeds to step S104. If the authorization is not passed, the process proceeds to step S105. Step S104, executing an application. In step S105, the application program asks the user to input the verification code. When the verification is successful, the process proceeds to step S104; when the verification fails, the process proceeds to step S106. After the application is executed in step S105 or after the verification fails, the process proceeds to step S106, and the flow of the program is ended.
在習知授權程式的步驟中,所有的應用程式是先被載入到記憶體中才進行授權的驗證,應用程式可輕易地被複製出來竄改,而繞過授權驗證的動作,因此容易造成軟體盜版的情況。另一種習知技術中係利用驗證授權專用的程式來進行授權驗證,其並非交由用戶端系統的驅動程式控制而使作業系統來驗證,因此授權驗證的完整性與安全性皆降低,造成 盜版軟體的猖獗。而且此類的程式必須依據各種特定的應用程式來撰寫以進行授權驗證,若是應用程式檔案的存取能透過必經之流程來存取,就無需根據不同的應用程式來撰寫驗證授權專用的程式。故期望有一種方法,在軟體載入硬碟或RAM之前,用戶端系統的驅動程式可通知作業系統進行授權驗證後再允許軟體載入RAM,此可避免盜版的問題。 In the steps of the prior authorization program, all applications are first loaded into the memory for authorization verification, and the application can be easily copied and falsified, bypassing the authorization verification action, thus easily causing the software. The situation of piracy. In another prior art, a verification-authorized program is used for authorization verification, which is not controlled by the driver of the client system to enable the operating system to verify, so the integrity and security of the authorization verification are reduced, resulting in The scam of pirated software. Moreover, such programs must be written for authorization verification according to various specific applications. If the access to the application files can be accessed through a necessary process, there is no need to write a program dedicated to verification and authorization according to different applications. . Therefore, it is desirable to have a method in which the driver of the client system can notify the operating system to perform authorization verification before allowing the software to load into the RAM before the software is loaded into the hard disk or the RAM, thereby avoiding the problem of piracy.
對於習知用於企業內部的軟體之授權數量而言,通常是企業內部有幾台電腦就買幾個授權數量以供軟體的安裝,而且軟體安裝完後只能在被安裝軟體的電腦上使用,由於使用同一個序號安裝在兩個不同的電腦或裝置上不符合軟體授權的規定,因此若要在另外一台未安裝電腦上使用,則安裝在原電腦之軟體需被反安裝後,然後軟體才能安裝在另一台電腦上,也就是軟體的使用權必須跟著硬體裝置而有所不同,此種授權方式的缺點是當企業內部的授權數量小於企業內部的電腦數量時,則仍需要購買所有電腦數量的授權數量,授權方式不具彈性。故期望有一種授權方式係與電腦或裝置無關,只需管理授權數量即可。 For the number of authorized software for internal software, it is usually that several computers within the enterprise buy several authorized quantities for software installation, and the software can only be used on the computer where the software is installed after installation. Since the installation of the same serial number on two different computers or devices does not comply with the software license, if you want to use it on another computer that is not installed, the software installed on the original computer needs to be uninstalled, and then the software. It can be installed on another computer, that is, the right to use the software must be different from the hardware device. The disadvantage of this authorization method is that when the number of authorized internal enterprises is less than the number of computers inside the enterprise, it still needs to be purchased. The number of licenses for all computers is not flexible. Therefore, it is desirable to have a license method that is independent of the computer or device, and only need to manage the number of licenses.
依據上述構想,本發明提出一種授權一程式的方法,該程式儲存於一儲存裝置或一遠端伺服器中並包含複數執行檔,該複數執行檔包含一第一執行檔與一第二執行檔,該第一執行檔包含一第一標頭,該第二執行檔包含一第二標頭,該方法包含下列步驟:使一作業系統接收一程式啟動指令並啟動該程式。使該作業系統將該第一標頭儲存於該儲存裝置中以讀取該第一標頭,並使一授權驗證元件中斷該作業系統將該第一執行檔載入一隨機存取記憶體中執行。使該授權驗證元件與該作業系統或該遠端伺服器配合,以進行一授權驗證。當該第一執行檔通過該授權驗證後,該授權驗證元件允許該第一執行檔載入該隨機存取記憶體中執行。當該第二 執行檔被使用時,該作業系統讀取該第二標頭,並由該授權驗證元件與該作業系統或該遠端伺服器配合,以進行另一授權驗證。 According to the above concept, the present invention provides a method for authorizing a program, which is stored in a storage device or a remote server and includes a plurality of executable files, the plurality of executable files including a first executable file and a second executable file. The first executable file includes a first header, and the second executable file includes a second header. The method includes the steps of: causing an operating system to receive a program launch command and launch the program. Having the operating system store the first header in the storage device to read the first header, and causing an authorization verification component to interrupt the operating system to load the first execution file into a random access memory carried out. The authorization verification component is mated with the operating system or the remote server for an authorization verification. After the first execution file is verified by the authorization, the authorization verification component allows the first execution file to be loaded into the random access memory for execution. When the second When the executable file is used, the operating system reads the second header and the authorization verification component cooperates with the operating system or the remote server to perform another authorization verification.
依據上述構想,本發明提出一種授權一程式的方法,包含下列步驟:使一作業系統接收一程式啟動指令並啟動該程式。在該作業系統載入該程式前,使一授權驗證元件與該作業系統之本身或一遠端伺服器配合以進行一授權驗證。當該授權驗證通過後,使該作業系統或一儲存裝置取得一權杖。 In accordance with the above concept, the present invention provides a method of authorizing a program comprising the steps of causing an operating system to receive a program launch command and launch the program. An authorization verification component is coupled to the operating system itself or a remote server to perform an authorization verification before the operating system loads the program. When the authorization verification is passed, the operating system or a storage device obtains a token.
依據上述構想,本發明提出一種授權一程式的裝置,該程式包含一標頭,該裝置包含一儲存裝置、一檔案系統、一作業系統、以及一授權驗證元件。該檔案系統配置於該儲存裝置,該作業系統接收一啟動程式指令並啟動該程式,並將該標頭載入該一隨機存取記憶體中以讀取該標頭。該授權驗證元件中斷該作業系統將該程式載入該隨機存取記憶體中執行,並與該作業系統或一遠端伺服器配合,以進行一授權驗證。其中當該授權驗證通過後,該授權驗證元件允許該程式繼續載入該隨機存取記憶體中執行。 In accordance with the above teachings, the present invention provides a device for authorizing a program, the program comprising a header, the device comprising a storage device, a file system, an operating system, and an authorization verification component. The file system is configured in the storage device, the operating system receives an activation program command and starts the program, and loads the header into the random access memory to read the header. The authorization verification component interrupts the operating system to load the program into the random access memory and cooperates with the operating system or a remote server to perform an authorization verification. When the authorization verification is passed, the authorization verification component allows the program to continue to load the random access memory for execution.
依據上述構想,本發明提出一種授權一程式的方法,包含下列步驟:選取一特定程式。由一本地作業系統本身或一遠端伺服器進行一授權驗證。當該授權驗證通過後,許該作業系統將該特定程式載入至一特定記憶體。 In accordance with the above concept, the present invention provides a method of authorizing a program comprising the steps of: selecting a particular program. An authorization verification is performed by a local operating system itself or a remote server. When the authorization verification is passed, the operating system loads the specific program into a specific memory.
依據上述構想,本發明提出一種程式交易裝置,包含一第一存取元件、一第二存取元件、以及一授權驗證元件。該第一存取元件存取一遠端程式庫,該遠端程式庫包含複數程式。該第二存取元件供一本地作業系統存取,以自該複數程式中選取一特定程式。該授權驗證元件與該本地作業系統本身或一遠端伺服器配合以進行一授權驗證,俾當該授權驗證 通過後,許該特定程式被執行。 In accordance with the above concept, the present invention provides a program transaction apparatus including a first access element, a second access element, and an authorization verification element. The first access element accesses a remote library, and the remote library includes a plurality of programs. The second access element is accessed by a local operating system to select a particular program from the plurality of programs. The authorization verification component cooperates with the local operating system itself or a remote server to perform an authorization verification, and the authorization verification After passing, the specific program is executed.
依據上述構想,本發明提出一種授權一程式的裝置,該裝置包含一主機以及一行動裝置。該主機包含一作業系統與一驅動程式。該行動裝置包含該程式與一授權驗證元件,該授權驗證元件包含一韌體,其中當該行動裝置與該主機耦接時,該軔體中斷該程式從該行動裝置傳送至該主機,且該驅動程式中斷該程式藉由該作業系統載入一隨機存取記憶體執行,該授權驗證元件被啟動以使該作業系統經由該驅動程式而與該韌體配合來進行一授權驗證,當該授權驗證通過後,該軔體允許該程式從該行動裝置傳送到該主機,且該驅動程式允許該程式藉由該作業系統載入該隨機存取記憶體中執行。 In accordance with the above concept, the present invention provides a device for authorizing a program, the device comprising a host and a mobile device. The host includes an operating system and a driver. The mobile device includes the program and an authorization verification component, the authorization verification component includes a firmware, wherein when the mobile device is coupled to the host, the mobile device interrupts transmission of the program from the mobile device to the host, and the The driver interrupts the program by loading the operating system into a random access memory, and the authorization verification component is activated to enable the operating system to cooperate with the firmware to perform an authorization verification via the driver. After verification, the program allows the program to be transferred from the mobile device to the host, and the driver allows the program to be loaded into the random access memory by the operating system.
依據上述構想,本發明提出一種用於一程式交易裝置中授權一程式的方法,該程式交易裝置包含一主機與一行動裝置,該主機包含一驅動程式、一隨機存取記憶體、以及一作業系統,該行動裝置包含一授權驗證元件與該程式,該授權驗證元件包含一韌體,該方法包含下列步驟:耦接該行動裝置與該主機。該軔體中斷該程式從該行動裝置傳送至該主機,且該驅動程式中斷該程式藉由該作業系統載入該隨機存取記憶體執行。該授權驗證元件被啟動以使該作業系統經由該驅動程式而與該韌體配合來進行一授權驗證。當該授權驗證通過後,該軔體允許該程式從該行動裝置傳送到該主機,且該驅動程式允許該程式藉由該作業系統載入該隨機存取記憶體執行。 According to the above concept, the present invention provides a method for authorizing a program in a program transaction device, the program transaction device comprising a host and a mobile device, the host comprising a driver, a random access memory, and an operation The system includes an authorization verification component and the program, the authorization verification component comprising a firmware, the method comprising the steps of: coupling the mobile device to the host. The body interrupts the transfer of the program from the mobile device to the host, and the driver interrupts the program execution by loading the random access memory by the operating system. The authorization verification component is activated to cause the operating system to cooperate with the firmware to perform an authorization verification via the driver. When the authorization is verified, the body allows the program to be transferred from the mobile device to the host, and the driver allows the program to be loaded by the operating system to load the random access memory.
藉由本發明所提供的授權一程式的方法以及程式交易平台,企業用戶購買之授權數量可彈性調配以減少不必要的購買授權數量,此對於企業用戶可更經濟地購買所需之軟體來安裝,而達到企業用戶對於應用程式的授權數量需求。另一方面,對於提供應用程式的廠商而言,更 嚴密的授權驗證可降低應用程式盜版的機率,此對提供應用程式的廠商更有保障。本發明亦可適用於一般用戶。 With the method of authorizing a program and the program trading platform provided by the present invention, the number of licenses purchased by the enterprise user can be flexibly adjusted to reduce the number of unnecessary purchase authorizations, which can be installed by the enterprise user more economically to purchase the required software. And to meet the needs of enterprise users for the number of applications authorized. On the other hand, for vendors that provide applications, Tight authorization verification reduces the chances of application piracy, which is more secure for vendors who provide applications. The invention is also applicable to general users.
301‧‧‧主應用程式 301‧‧‧ main application
302‧‧‧本地作業系統 302‧‧‧Local operating system
302‧‧‧檔案系統 302‧‧‧File System
304‧‧‧隨機存取記憶體 304‧‧‧ Random access memory
305‧‧‧遠端伺服器 305‧‧‧Remote Server
306‧‧‧儲存裝置 306‧‧‧Storage device
307‧‧‧授權驗證元件 307‧‧‧Authorization verification component
30‧‧‧程式交易系統 30‧‧‧Program Trading System
40‧‧‧雲端系統 40‧‧‧Cloud System
32‧‧‧程式交易裝置 32‧‧‧Program Trading Device
42‧‧‧公有雲 42‧‧‧public cloud
44‧‧‧私有雲 44‧‧‧Private cloud
421‧‧‧雲端主機 421‧‧‧Cloud Host
422‧‧‧網際網路 422‧‧‧Internet
441‧‧‧軟體主機 441‧‧‧Software host
442‧‧‧區域網路 442‧‧‧Local Network
443,444,445,446,447‧‧‧電腦主機 443,444,445,446,447‧‧‧Computer host
50,60‧‧‧授權一程式的系統 50, 60‧‧‧ Authorized system
501‧‧‧檔案系統 501‧‧‧File System
52,62‧‧‧授權一程式的裝置 52, 62‧‧‧ Authorized device
502‧‧‧作業系統 502‧‧‧ operating system
503,603‧‧‧授權驗證元件 503,603‧‧‧Authorization verification component
504,604‧‧‧啟動程式指令 504, 604‧‧‧ Startup program instructions
505,609‧‧‧程式 505, 609‧‧‧ program
506‧‧‧遠端伺服器 506‧‧‧Remote Server
5050,6090‧‧‧標頭 5050, 6090‧‧ ‧ heading
507‧‧‧儲存裝置 507‧‧‧Storage device
508‧‧‧隨機存取記憶體 508‧‧‧ random access memory
602‧‧‧作業系統 602‧‧‧ operating system
601‧‧‧行動裝置 601‧‧‧ mobile device
607‧‧‧韌體 607‧‧‧ Firmware
611‧‧‧主機 611‧‧‧Host
309,608‧‧‧驅動程式 309,608‧‧‧Driver
第一圖,習用授權一程式的流程的示意圖。 The first figure is a schematic diagram of the process of authorizing a program.
第二圖,本發明第一較佳實施例授權的流程的示意圖。 The second figure is a schematic diagram of the flow of the authorization of the first preferred embodiment of the present invention.
第三圖,本發明第一較佳實施例一程式交易系統的示意圖。 Third, a schematic diagram of a program transaction system in accordance with a first preferred embodiment of the present invention.
第四圖,本發明第二較佳實施例雲端系統授權的示意圖。 Fourth, a schematic diagram of a cloud system authorization according to a second preferred embodiment of the present invention.
第五圖,本發明第三較佳實施例授權一程式的方法之示意圖。 Figure 5 is a schematic illustration of a method of authorizing a program in accordance with a third preferred embodiment of the present invention.
第六圖,本發明第四較佳實施例授權一程式的示意圖。 Figure 6 is a schematic diagram of a program authorized by a fourth preferred embodiment of the present invention.
第七圖(a),本發明另一較佳實施例授權一程式的系統的示意圖。 Figure 7 (a) is a schematic illustration of a system for authorizing a program in accordance with another preferred embodiment of the present invention.
第七圖(b),本發明另一較佳實施例授權一程式的系統的示意圖。 Figure 7(b) is a schematic illustration of a system for authorizing a program in accordance with another preferred embodiment of the present invention.
第八圖,本發明另一較佳實施例授權一程式的方法之示意圖。 Figure 8 is a schematic illustration of a method of authorizing a program in accordance with another preferred embodiment of the present invention.
第九圖,本發明在一程式交易裝置中授權一程式的方法之示意圖。 Figure 9 is a schematic illustration of a method of authorizing a program in a program transaction device in accordance with the present invention.
請參酌本發明的附圖來閱讀下面的詳細說明,其中本發明的附圖是以舉例說明的方式,來介紹本發明各種不同的實施例,並供瞭解如何實現本發明。本發明提供充分的實施例來說明本發明的精神,而各實施例之間並不互斥而可相互任意組合形成新的實施例,意即本發明不限於文中所載之實施例。 The detailed description of the present invention is to be understood by the claims The present invention is not limited to the embodiments shown in the accompanying drawings. The present invention is not limited to the embodiments described herein.
請參閱第二圖,其為本發明第一較佳實施例授權的流程的示意圖。用戶端系統在使用應用程式交易平台之前須安裝主應用程式,主應用程式系免費提供給用戶下載安裝,主應用程式包含了溝通作業系統與硬體裝置的驅動程式、以及用戶端系統的作業系統所需讀取之記憶體空間的資訊。步驟S201:用戶端系統接收啟動應用程式指令。步驟S202,判斷授權。在步驟S202中,在存取購買的應用程式的檔案之前由用戶端系統的作業系統將授權之資料傳送至遠端伺服器來進行授權驗證。在未通過授權驗證之前,當用戶端系統的作業系統的流程進行到讀取購買的應用程式檔案的流程時,驅動程式會停止讀取購買的應用程式檔案,此時由用戶端系統的作業系統來進行授權驗證。當授權驗證成功時,則該驅動程式允許繼續讀取購買的應用程式檔案,進入步驟S203;當授權驗證成功時,則進入步驟S204。步驟S203,該驅動程式將購買的應用程式檔案交給用戶端系統的作業系統控制。步驟S204,該遠端伺服器要求使用者提供帳號與密碼來登入該遠端伺服器的授權系統。步驟S205,該遠端伺服器檢查該帳號的付款狀態,當該帳號的付款狀態是已經付款的狀態時,則進入步驟S203,然後依序進入步驟S206、S207;當該帳號的付款狀態是未付款的狀態時,則進入步驟S207。步驟S206該作業系統將購買的應用程式檔案載入用戶端系統的隨機存取記憶體(RAM)中執行。步驟S207係結束主應用程式。 Please refer to the second figure, which is a schematic diagram of the flow of authorization according to the first preferred embodiment of the present invention. The client system must install the main application before using the application trading platform. The main application is provided to the user for download and installation free of charge. The main application includes the driver for communicating the operating system and the hardware device, and the operating system of the client system. Information about the memory space that needs to be read. Step S201: The client system receives the launch application command. In step S202, the authorization is determined. In step S202, the authorization data is transmitted by the operating system of the client system to the remote server for authorization verification before accessing the file of the purchased application. Before the authorization verification is performed, when the flow of the operating system of the client system proceeds to the process of reading the purchased application file, the driver stops reading the purchased application file, and the operating system of the client system at this time To perform authorization verification. When the authorization verification is successful, the driver allows to continue reading the purchased application file, and proceeds to step S203; when the authorization verification is successful, proceeds to step S204. In step S203, the driver delivers the purchased application file to the operating system control of the client system. Step S204, the remote server requires the user to provide an account and a password to log in to the remote server's authorization system. Step S205, the remote server checks the payment status of the account. When the payment status of the account is the paid status, the process goes to step S203, and then proceeds to steps S206 and S207 in sequence; when the payment status of the account is not When the status of the payment is made, the process proceeds to step S207. Step S206: The operating system loads the purchased application file into a random access memory (RAM) of the client system for execution. Step S207 ends the main application.
請參閱第三圖,其為本發明第一較佳實施例一程式交易系統30的示意圖。該程式交易系統30包含一程式交易裝置32以及遠端伺服器305。該程式交易裝置32包含一第一存取元件、一第二存取元件、以及一授權驗證元件307。例如,該第一存取元件為儲存裝置306,且該第二存取元件為隨機存取記憶體304。該第一存取元件存取遠端伺服器305的遠端程式庫,該遠端程式庫包含複數程式,也就是想要購買的應用程式。該第二存取元件供本地作業系統302存取,以自該複數程式中選取一特定程式。該授權驗證元件307與該本地作業系統本身302或遠端伺服器305配合以進行一授權驗證,俾當該授權驗證通過後,許該特定程式被執行。 Please refer to the third figure, which is a schematic diagram of a program transaction system 30 according to a first preferred embodiment of the present invention. The program transaction system 30 includes a program transaction device 32 and a remote server 305. The program transaction device 32 includes a first access element, a second access element, and an authorization verification component 307. For example, the first access element is a storage device 306 and the second access element is a random access memory 304. The first access element accesses a remote program library of the remote server 305, and the remote program library includes a plurality of programs, that is, an application to be purchased. The second access element is accessible to the local operating system 302 to select a particular program from the plurality of programs. The authorization verification component 307 cooperates with the local operating system itself 302 or the remote server 305 to perform an authorization verification, and when the authorization verification is passed, the specific program is executed.
在第三圖中,該程式交易裝置32更包含一主應用程式301、一本地作業系統302、一驅動程式309、以及一檔案系統303。當所要購買的應用程式被選取以被執行時,本地作業系統302會讀取該購買的應用程式的標頭(Header),以確認該購買的應用程式所需之記憶體大小等資訊,然後分配(allocate)給該購買的應用程式一個新的程序(process),並啟動該新的程序,此時授權驗證元件307被啟動而傳送驗證資訊2,以向遠端伺服器305進行授權驗證,授權驗證元件307在被通知通過授權驗證後,傳送控制訊息1,2,以及3的其中之一以分別控制儲存裝置306、檔案系統303、以及驅動程式309的其中之一,以允許將該購買的應用程式檔案從該遠端伺服器305儲存到儲存裝置306、將該購買的應用程式檔案透過該驅動程式309從該儲存裝置306儲存到該檔案系統303、以及由本地作業系統302將該購買的應用程式檔案從檔案系統303載入到該隨機存取記憶體304以供執行。在另一較佳實施例中授權驗證元件307亦可傳送驗證資訊1向本地作業系統302進行授權驗證,在授權驗證通過後,同樣地,授權驗證元件307傳送控制訊息1以及控制訊息2以允許將該購買的應用程式檔案從遠端 伺服器305的程式庫載入到隨機存取記憶體304中執行。在第三圖中儲存裝置306與隨機存取記憶體304之間的虛線代表該購買的應用程式檔案在其間是間接存取,也就是該購買的應用程式檔案之資料係經過儲存裝置306、驅動程式309、檔案系統303、作業系統302之後載入該隨機存取記憶體304來執行。 In the third figure, the program transaction device 32 further includes a main application 301, a local operating system 302, a driver 309, and a file system 303. When the application to be purchased is selected to be executed, the local operating system 302 reads the header of the purchased application to confirm information such as the size of the memory required by the purchased application, and then allocates (allocate) a new process for the purchased application, and start the new program, at which time the authorization verification component 307 is activated to transmit the verification information 2 to perform authorization verification, authorization to the remote server 305. The verification component 307, after being notified of the authorization verification, transmits one of the control messages 1, 2, and 3 to control one of the storage device 306, the file system 303, and the driver 309, respectively, to allow the purchase. The application file is stored from the remote server 305 to the storage device 306, the purchased application file is stored from the storage device 306 to the file system 303 through the driver 309, and the purchase is made by the local operating system 302. The application file is loaded from the file system 303 into the random access memory 304 for execution. In another preferred embodiment, the authorization verification component 307 can also transmit the verification information 1 to the local operating system 302 for authorization verification. After the authorization verification is passed, the authorization verification component 307 transmits the control message 1 and the control message 2 to allow. The purchased application file from the far end The library of server 305 is loaded into random access memory 304 for execution. In the third figure, the dotted line between the storage device 306 and the random access memory 304 represents that the purchased application file is indirectly accessed therebetween, that is, the information of the purchased application file is transmitted through the storage device 306. The program 309, the file system 303, and the operating system 302 are then loaded into the random access memory 304 for execution.
在第三圖中,儲存裝置306可以是遠端伺服器305的硬碟、本機硬碟、一專用的隨機存取記憶體區塊、或其任意組合。購買的應用程式檔案儲存的地方因設計而有所不同,而檔案系統303則分配在哪裡存取購買的應用程式檔案。。為了使本地作業系統302可存取特定位置的特定檔案之資料,該檔案系統303被模擬於該儲存裝置306上用來接收本地作業系統302的指令以存取特定位置的特定檔案之資料。該授權驗證元件307可包含驅動程式與主應用程式301的一部分,或該主應用程式301可包含該驅動程式與該授權驗證元件307,該授權驗證元件307的任務在於與該本地作業系統302或該遠端伺服器305配合以驗證授權,並在通過授權驗證後,該授權驗證元件307允許該購買的應用程式檔案儲存到儲存裝置306、或從儲存裝置306讀取至檔案系統303、或讓作業系統302從檔案系統303載入至隨機存取記憶體304,其依照該授權驗證元件307是否能控制到儲存裝置306、檔案系統303、遠端伺服器305的硬碟而定。本發明主要是在通過授權驗證之前,該授權驗證元件307禁止該購買的應用程式檔案從該儲存裝置306傳送到該檔案系統303,或使本地作業系統302禁止該購買的應用程式檔案從該檔案系統303載入該隨機存取記憶體304中。 In the third figure, storage device 306 can be a hard disk of remote server 305, a local hard disk, a dedicated random access memory block, or any combination thereof. The location of the purchased application file is different depending on the design, and the file system 303 is assigned where to access the purchased application file. . In order for the local operating system 302 to access data for a particular profile at a particular location, the profile system 303 is modeled on the storage device 306 for receiving instructions from the local operating system 302 to access data for a particular profile at a particular location. The authorization verification component 307 can include a driver and a portion of the main application 301, or the main application 301 can include the driver and the authorization verification component 307. The authorization verification component 307 is tasked with the local operating system 302 or The remote server 305 cooperates to verify the authorization, and after passing the authorization verification, the authorization verification component 307 allows the purchased application file to be stored to or read from the storage device 306 to the file system 303, or The operating system 302 loads from the file system 303 to the random access memory 304, depending on whether the authorization verification component 307 can control the hard disk to the storage device 306, the file system 303, and the remote server 305. The present invention primarily disables the purchased application file from the storage device 306 to the file system 303 prior to authorization verification, or causes the local operating system 302 to disable the purchased application file from the file. System 303 is loaded into the random access memory 304.
當該購買的應用程式檔案被載入到隨機存取記憶體304時,本地作業系統302會根據該購買的應用程式檔案的標頭所紀錄的一應用程式進入點來呼叫該應用程式進入點,然後該作業系統302將執行權交 由該新的程序來處理。 When the purchased application file is loaded into the random access memory 304, the local operating system 302 calls the application entry point based on an application entry point recorded by the header of the purchased application file. The operating system 302 will then execute the right It is handled by this new program.
請參閱第四圖,其為本發明第二較佳實施例雲端系統40授權的示意圖。雲端系統40包含在企業的外部環境的一公有雲42以及在企業內部的一私有雲44。私有雲44包含一軟體主機441、一區域網路442、以及複數電腦主機443,444,445,446,447。該公有雲42包含一雲端主機421。在雲端主機421上的應用程式軟體可在企業購買一特定數量的應用程式軟體授權後分佈(distribute)至企業的軟體主機441,軟體主機441再將該特定數量的應用程式軟體分佈至複數電腦主機443,444,445,446,447。在第四圖中只顯示雲端主機421透過一網際網路422連線至一個企業的軟體主機441,在另一較佳實施例中,雲端主機421可透過網際網路連線至複數軟體主機,而該複數軟體主機中的每一軟體主機由各個不同的企業所擁有。 Please refer to the fourth figure, which is a schematic diagram of the authorization of the cloud system 40 according to the second preferred embodiment of the present invention. The cloud system 40 includes a public cloud 42 in the external environment of the enterprise and a private cloud 44 inside the enterprise. The private cloud 44 includes a software host 441, a local area network 442, and a plurality of computer hosts 443, 444, 445, 446, 447. The public cloud 42 includes a cloud host 421. The application software on the cloud host 421 can be distributed to the enterprise software host 441 after the enterprise purchases a certain amount of application software license, and the software host 441 distributes the specific number of application software to the plurality of computer hosts. 443, 444, 445, 446, 447. In the fourth figure, only the cloud host 421 is connected to an enterprise software host 441 through an Internet 422. In another preferred embodiment, the cloud host 421 can be connected to a plurality of software hosts through the Internet. Each software host in the complex software host is owned by a different enterprise.
在第四圖中,雲端主機421與企業內軟體主機441之間的授權驗證以及購買的應用程式檔案之使用可由雲端主機421管理。雲端主機421擁有一第一密鑰,其作為對授權數量的簽章之用途,企業內的軟體主機441擁有一第二密鑰,其作為驗證該授權數量之用途。企業須先向服務端購買特定數量的授權後,雲端主機421才會將授權數量之資料使用該第一密鑰加密,再將加密後的授權數量之資料作簽章認證,所以一旦授權數量之資料被竄改,經加密後的授權數量之資料會與簽章認證過的資料不同。經簽章認證後的資訊經由網際網路422傳送至企業內的軟體主機441,軟體主機441利用該第二密鑰解密該經簽章認證後的資訊,以驗證授權數量,故當授權數量被竄改時,則在驗證時該經簽章認證後的資訊不符合,雲端主機421會直接拒絕所有授權的動作。若是簽章符合時,則購買的應用程式檔案可藉由網際網路422下載至企業內部的軟體主機441,或是企業的資訊人員將該經簽章認證後的資訊儲存至另外一台電腦,再利用另外一台電腦 經由網際網路422來下載該購買的應用程式,這樣的軟體主機441的離線下載可以避免軟體主機441被駭或中毒的風險。 In the fourth figure, the authorization verification between the cloud host 421 and the in-house software host 441 and the use of the purchased application file can be managed by the cloud host 421. The cloud host 421 has a first key, which serves as a signature for the authorized number. The software host 441 in the enterprise has a second key, which serves as a purpose for verifying the authorized quantity. After the enterprise first purchases a certain amount of authorization from the server, the cloud host 421 encrypts the authorized quantity data using the first key, and then encrypts the encrypted authorized quantity data for signature authentication, so once the authorized quantity is The data has been tampered with, and the encrypted authorized data will be different from the signature-certified information. The signed and authenticated information is transmitted to the software host 441 in the enterprise via the Internet 422, and the software host 441 decrypts the signed and authenticated information by using the second key to verify the authorized quantity, so when the authorized quantity is When tampering, the information after the signature verification is not met during verification, and the cloud host 421 will directly reject all authorized actions. If the signature is met, the purchased application file can be downloaded to the internal software host 441 via the Internet 422, or the company's information personnel can store the signed and certified information to another computer. Use another computer Downloading the purchased application via the Internet 422, such offline download of the software host 441 can avoid the risk of the software host 441 being smashed or poisoned.
在第四圖中,企業內部的軟體主機441可管理雲端主機421認證之授權數量。在一較較佳實施例中,企業內部的區域網路422內共有5台電腦主機443,444,445,446,447,但是同時使用到該購買的應用程式檔案只需要3套,因此只需購買3個授權數量,例如,電腦主機443,444先安裝主應用程式後同時在使用同一個購買的應用程式,軟體主機441會紀錄該購買的應用程式已經被多少個電腦主機所使用,並將軟體主機441內授權數量的計數減少2,而當電腦主機445安裝主應用程式後要使用同一個購買的應用程式時候,則授權數量的計數再減少1。當電腦主機446安裝主應用程式後要使用同一個購買的應用程式時候,授權數量的計數已經變成負的,其表示軟體主機441驗證授權數量已經超過,便不會讓電腦主機446執行。當電腦主機443不使用該購買的應用程式時,如同第三圖中儲存於儲存裝置306之購買的應用程式檔案不會被本地作業系統302載入到隨機存取記憶體304中執行,軟體主機441內授權數量增加1,因此電腦主機446或447的其中之一可以使用同一個購買的應用程式。 In the fourth figure, the software host 441 inside the enterprise can manage the authorized number of the cloud host 421 authentication. In a preferred embodiment, there are five computer hosts 443, 444, 445, 446, 447 in the local area network 422 of the enterprise, but only three sets of application files are required for the purchase, so only three authorized quantities are purchased, for example, The host computer 443, 444 first installs the main application and then uses the same purchased application. The software host 441 records how many computer hosts the purchased application has been used, and reduces the number of authorized numbers in the software host 441 by two. When the host computer 445 installs the main application and uses the same purchased application, the number of authorized numbers is reduced by one. When the host computer 446 installs the main application and uses the same purchased application, the count of the authorized number has become negative. It indicates that the software host 441 has verified that the authorized number has exceeded, and the computer host 446 is not executed. When the host computer 443 does not use the purchased application, the downloaded application file stored in the storage device 306 in the third figure is not loaded into the random access memory 304 by the local operating system 302, and the software host is executed. The number of licenses in 441 is increased by 1, so that one of the host computers 446 or 447 can use the same purchased application.
在一較佳實施例中,在第三圖中的程式交易裝置32為該軟體主機441,遠端伺服器305為該雲端主機421。在另一較佳實施例中,程式交易裝置32為複數電腦主機443,444,445,446,447的任一台,遠端伺服器305為該軟體主機441。軟體主機441內部的授權驗證元件307在授權驗證未通過下則不允許購買的應用程式被本地作業系統302載入到隨機存取記憶體304中執行。類似地,複數電腦主機443,444,445,446,447的任一台在未通過授權數量的驗證之前,在其內部的授權驗證元件307亦不允許購買的應用程式儲存至儲存裝置306或是載入到隨機存取記憶體304中。 In a preferred embodiment, the program transaction device 32 in the third figure is the software host 441, and the remote server 305 is the cloud host 421. In another preferred embodiment, the program transaction device 32 is any one of a plurality of computer hosts 443, 444, 445, 446, 447, and the remote server 305 is the software host 441. The authorization verification component 307 inside the software host 441 is not loaded by the local operating system 302 into the random access memory 304 when the authorization verification fails. Similarly, any of the plurality of computer hosts 443, 444, 445, 446, 447 does not allow the purchased application to be stored in the storage device 306 or loaded into the random access memory before the authorized number of verifications is passed. 304.
當複數電腦主機443,444,445,446,447在不同區域網路時,因應網路速度較慢,延遲較高,在授權驗證通過後可將購買的應用程式檔案先儲存於儲存裝置306中,再將購買的應用程式檔案經由檔案系統303與本地作業系統302從儲存裝置306載入至隨機存取記憶體中304。也就是RAM中以供執行。 When the plurality of computer hosts 443, 444, 445, 446, 447 are in different local area networks, the network speed is slower and the delay is higher. After the authorization verification is passed, the purchased application files can be stored in the storage device 306 first, and then the purchased application files are saved. Loaded from storage device 306 into random access memory 304 via file system 303 and local operating system 302. That is, in RAM for execution.
在企業內部使用電腦主機的人須登錄其企業內部的帳號,此帳號根據不同的身分而具有不同的權限,當電腦主機443~447的其中之一通過授權驗證後,軟體主機441會發出一權杖,該權杖具有相關於該帳號的權限,通過授權的電腦主機的本地作業系統302或授權驗證元件307便根據該權杖來決定購買的應用程式檔案如何被處理,例如將購買的應用程式檔案載入隨機存取記憶體304中,或是中斷購買的應用程式檔案的載入。同樣地,雲端主機421亦可作為授權驗證的伺服器。當企業用戶以具有特定權限的帳號登錄軟體主機441後,在公有雲42的雲端主機421會根據特定權限來授權軟體主機441,以使企業用戶所購買的應用程式檔案下載至軟體主機441。當然軟體主機441中的本地作業系統302或授權驗證元件307亦會根據該權杖來決定購買的應用程式檔案如何被處理,例如將購買的應用程式檔案載入軟體主機441的隨機存取記憶體304中,或是中斷購買的應用程式檔案的載入。 The person who uses the computer host inside the enterprise must log in to the account inside the enterprise. This account has different permissions according to different identities. When one of the host computers 443~447 passes the authorization verification, the software host 441 will issue a right. The stick has the authority associated with the account, and the local operating system 302 or the authorization verification component 307 of the authorized computer host determines how the purchased application file is processed according to the token, for example, the purchased application The file is loaded into random access memory 304 or the application file of the purchased application is interrupted. Similarly, the cloud host 421 can also serve as a server for authorization verification. After the enterprise user logs in to the software host 441 with an account having a specific authority, the cloud host 421 of the public cloud 42 authorizes the software host 441 according to the specific authority, so that the application file purchased by the enterprise user is downloaded to the software host 441. Of course, the local operating system 302 or the authorization verification component 307 in the software host 441 also determines how the purchased application file is processed according to the token, for example, loading the purchased application file into the random access memory of the software host 441. In 304, or the loading of the application file that was interrupted for purchase.
購買的應用程式檔案經過授權後會儲存於儲存裝置306中。為了避免應用程式檔案被複製出來使用,這些檔案都有特定密鑰加密來加以保護,而該特定密鑰係在該權杖(token)中,有該權杖購買的應用程式檔案才可允許被下載。當購買的應用程式檔案在電腦主機443被執行時,啟動的權杖會被軟體主機441紀錄下來,啟動的權杖會保留於紀錄中,即授權數量的計數會被軟體主機441記錄下來,若紀錄被刪除則購買的應用 程式檔案無法被讀取。如果授權數量在與雲端主機斷線的情況下被竄改,授權驗證元件307會禁止購買的應用程式檔案從軟體主機441的遠端伺服器305被讀取到電腦主機443的隨機存取記憶體304中。 The purchased application file is stored in storage device 306 upon authorization. In order to prevent the application files from being copied and used, these files are protected by a specific key encryption, and the specific key is in the token, and the application file purchased by the token can be allowed to be download. When the purchased application file is executed on the host computer 443, the activated token will be recorded by the software host 441, and the activated token will remain in the record, that is, the authorized number of counts will be recorded by the software host 441, if The application that was deleted after the record was deleted The program file could not be read. If the authorized number is tampered with the cloud host disconnected, the authorization verification component 307 prohibits the purchased application file from being read from the remote server 305 of the software host 441 to the random access memory 304 of the host computer 443. in.
授權驗證依照購買應用程式檔案的使用之多寡可分為完全授權與部分授權,當購買的應用程式包含多種不同功能的複數個應用程式時,該複數個應用程式可依照其功能分成不同的檔案,這樣就可以依檔案來進行部分授權。當只有購買應用程式的一部分功能時,則部分授權可適用。 Authorization verification can be divided into full authorization and partial authorization according to the usage of the purchased application file. When the purchased application contains multiple applications with multiple different functions, the multiple applications can be divided into different files according to their functions. This allows partial authorization based on the file. Some licenses are applicable when only a portion of the functionality of the application is purchased.
請參閱第五圖,其為本發明第三較佳實施例授權一程式的方法之示意圖。該程式儲存於一儲存裝置或一遠端伺服器中並包含複數執行檔,該複數執行檔包含一第一執行檔與一第二執行檔,該第一執行檔包含一第一標頭,該第二執行檔包含一第二標頭,該方法包含下列步驟:步驟S501,使一作業系統接收一程式啟動指令並啟動該程式。步驟S502,使該作業系統將該第一標頭載入該儲存裝置中以讀取該第一標頭,並使一授權驗證元件中斷該作業系統將該第一執行檔載入一隨機存取記憶體中。步驟S503,使該授權驗證元件與該作業系統或該遠端伺服器配合,以進行一授權驗證。步驟S504,當該第一執行檔通過該授權驗證後,該授權驗證元件允許該第一執行檔載入該隨機存取記憶體中執行。步驟S505,當該第二執行檔被使用時,該作業系統讀取該第二標頭,並由該授權驗證元件與該作業系統或該遠端伺服器配合,以進行另一授權驗證。 Please refer to FIG. 5, which is a schematic diagram of a method for authorizing a program according to a third preferred embodiment of the present invention. The program is stored in a storage device or a remote server and includes a plurality of executable files. The plurality of executable files includes a first executable file and a second executable file. The first executable file includes a first header. The second executable file includes a second header. The method includes the following steps: Step S501, causing an operating system to receive a program start command and start the program. Step S502, the operating system loads the first header into the storage device to read the first header, and causes an authorization verification component to interrupt the operating system to load the first execution file into a random access. In memory. Step S503, the authorization verification component is cooperated with the operating system or the remote server to perform an authorization verification. Step S504, after the first execution file passes the authorization verification, the authorization verification component allows the first execution file to be loaded into the random access memory for execution. Step S505, when the second execution file is used, the operating system reads the second header, and the authorization verification component cooperates with the operating system or the remote server to perform another authorization verification.
在第五圖中,當該授權驗證未通過時,該作業系統讀取一毀損檔案,以結束該購買的應用程式,或使該作業系統無法讀取該購買的應用程式而使該購買的應用程式發生錯誤,以結束該購買的應用程式程式。該授權驗證依照使用的有效期間可分為一永久授權驗證、一租用授權驗 證、以及一試用授權驗證,該授權驗證包含其中之一。當該授權驗證為該永久授權驗證時,該程式允許被無限期使用,當該授權驗證為該租用授權驗證時,在一特定的時間間隔內該程式允許被使用,當該授權驗證為該試用授權驗證時,在一試用時間到期時該程式被停止使用。 In the fifth figure, when the authorization verification fails, the operating system reads a corrupted file to end the purchased application, or makes the operating system unable to read the purchased application to make the purchased application. An error occurred in the program to end the purchased application. The authorization verification can be divided into a permanent authorization verification and a rental authorization inspection according to the valid period of use. The certificate, and a trial authorization verification, the authorization verification includes one of them. When the authorization is verified as the permanent authorization verification, the program is allowed to be used indefinitely. When the authorization verification is the rental authorization verification, the program is allowed to be used within a specific time interval, when the authorization is verified as the trial. At the time of authorization verification, the program is stopped when a trial period expires.
該授權驗證更包含一網路授權或一電話授權,該網路授權係利用驗證一第一授權碼來進行授權驗證,該第一授權碼包含一個人隱私相關訊息,該個人隱私相關訊息包含身分證字號、生日、或其任意組合,該電話授權係利用一電話號碼來進行授權驗證,當該電話授權被驗證時,該電話號碼用以取得一第二授權碼,該第二授權碼被用來通過該電話授權的授權驗證。藉由個人隱私相關訊息來驗證可避免將序號或是授權碼分享,而避免程式在未付費的情況下被盜用的問題。 The authorization verification further includes a network authorization or a telephone authorization, and the network authorization is performed by using a verification first authorization code, where the first authorization code includes a person privacy related information, and the personal privacy related information includes an identity card. The font size, birthday, or any combination thereof, the telephone authorization uses a telephone number for authorization verification. When the telephone authorization is verified, the telephone number is used to obtain a second authorization code, and the second authorization code is used. Authorization verification authorized by the phone. Verification by personal privacy-related messages avoids sharing serial numbers or authorization codes, and avoids the problem of programs being stolen without paying.
當該授權驗證通過後,該作業系統可取得一權杖(token)。該權杖包含一匿名權杖以及一非匿名權杖。該匿名權杖用於一公用電腦,該非匿名權杖用於一私人電腦。權杖的用途在於使購買的應用程式檔案允許存取,匿名權杖的用途在於使購買的應用程式檔案允許存取,但一旦電腦關機,該購買的應用程式檔案就會被清除,此適用於該公用電腦。而非匿名權杖的用途在於使購買的應用程式檔案允許存取,但一旦電腦關機,該購買的應用程式檔案不會被清除,此適用於該私人電腦。 When the authorization verification is passed, the operating system can obtain a token. The token includes an anonymous token and a non-anonymous token. The anonymous token is used for a public computer and the non-anonymous token is used for a personal computer. The purpose of the token is to allow access to the purchased application file. The purpose of the anonymous token is to allow access to the purchased application file, but once the computer is shut down, the purchased application file will be cleared. This applies to The public computer. The purpose of the non-anonymous token is to allow access to the purchased application file, but once the computer is turned off, the purchased application file will not be erased, which applies to the private computer.
請參閱第六圖,其為本發明第四較佳實施例授權一程式的示意圖。授權一程式的方法,包含下列步驟:步驟S601,使一作業系統接收一程式啟動指令並啟動該程式。步驟S602,在該作業系統載入該程式前,使一授權驗證元件與該作業系統之本身或一遠端伺服器配合以進行一授權驗證。步驟S603,當該授權驗證通過後,使該作業系統取得一權杖。 Please refer to a sixth figure, which is a schematic diagram of a program authorized by the fourth preferred embodiment of the present invention. The method for authorizing a program includes the following steps: Step S601, causing an operating system to receive a program start command and start the program. Step S602, before the operating system loads the program, an authorization verification component is cooperated with the operating system itself or a remote server to perform an authorization verification. Step S603, after the authorization verification is passed, the operating system obtains a token.
該權杖包含了加密密鑰,有了加密密鑰才能將購買的應用程 式檔案解密以供讀取。該授權驗證包含一永久授權驗證、一租用授權驗證、以及一試用授權驗證的其中之一。當該授權驗證為該租用授權驗證或該試用授權驗證時,該授權驗證元件與該遠端伺服器配合以進行該授權驗證。當該授權驗證為該永久授權驗證,且該遠端伺服器無法連線時,該授權驗證元件與該作業系統配合以進行該授權驗證,在此狀況下,雖可進行臨時的授權驗證,但固定一段時間後,例如在一個星期後強制要求連線到遠端伺服器進行授權驗證,以確保購買的應用程式不被盜用。 The token contains the encryption key, and the encryption key can be used to purchase the application. The file is decrypted for reading. The authorization verification includes one of a permanent authorization verification, a lease authorization verification, and a trial authorization verification. When the authorization verification is the lease authorization verification or the trial authorization verification, the authorization verification component cooperates with the remote server to perform the authorization verification. When the authorization verification is the permanent authorization verification, and the remote server cannot be connected, the authorization verification component cooperates with the operation system to perform the authorization verification. In this case, although temporary authorization verification is performed, although temporary authorization verification is performed, After a fixed period of time, for example, after one week, it is mandatory to connect to the remote server for authorization verification to ensure that the purchased application is not stolen.
在第六圖中,該方法更包含下列步驟:當該匿名權杖被檢驗通過且該程式關閉時,該程式的資料恢復為一預設值。當該非匿名權杖被檢驗通過且該程式關閉時,該程式的資料維持其原狀態。 In the sixth figure, the method further includes the following steps: when the anonymous token is checked and the program is closed, the program's data is restored to a preset value. When the non-anonymous token is checked and the program is closed, the program's data remains in its original state.
請參閱第七(a)圖,其為本發明另一較佳實施例授權一程式的系統50的示意圖,其包含授權一程式的裝置52以及一遠端伺服器506。授權一程式的裝置52包含一檔案系統501、一儲存裝置507、一作業系統502、以及一授權驗證元件503。遠端伺服器506的軟體庫中包含該程式505,該程式505包含一標頭5050。該作業系統502接收一啟動程式指令504並啟動該程式505,並將該標頭5050儲存於該儲存裝置508中以供該作業系統502讀取該標頭5050。該授權驗證元件503中斷該作業系統502將該程式505載入一隨機存取記憶體508執行,並與該作業系統502或遠端伺服器506配合,以進行一授權驗證。當該授權驗證通過後,該授權驗證元件503允許該程式505繼續載入該隨機存取記憶體508中執行。 Please refer to FIG. 7(a), which is a schematic diagram of a system 50 for authorizing a program according to another preferred embodiment of the present invention, which includes a device 52 for authorizing a program and a remote server 506. The authorized device 52 includes a file system 501, a storage device 507, an operating system 502, and an authorization verification component 503. The program 505 is included in the software library of the remote server 506, and the program 505 includes a header 5050. The operating system 502 receives an activation program command 504 and launches the program 505, and stores the header 5050 in the storage device 508 for the operating system 502 to read the header 5050. The authorization verification component 503 interrupts the operating system 502 to load the program 505 into a random access memory 508 for execution and cooperates with the operating system 502 or the remote server 506 to perform an authorization verification. When the authorization verification is passed, the authorization verification component 503 allows the program 505 to continue loading into the random access memory 508 for execution.
在另一較佳實施例中,該程式505尚未儲存到儲存裝置501中,但是該授權驗證元件503中斷該程式505儲存到儲存裝置507的動作,該授權驗證元件503與該作業系統502或遠端伺服器506配合,以進行該授權驗證。當該授權驗證通過後,該授權驗證元件503允許該程式505儲 存至該儲存裝置507,並由作業系統502將該程式505從檔案系統501載入該隨機存取記憶體508中執行。 In another preferred embodiment, the program 505 has not been stored in the storage device 501, but the authorization verification component 503 interrupts the operation of the program 505 to the storage device 507. The authorization verification component 503 is remote from the operating system 502. The end server 506 cooperates to perform the authorization verification. When the authorization verification is passed, the authorization verification component 503 allows the program 505 to store The program is stored in the storage device 507 and loaded by the operating system 502 from the file system 501 into the random access memory 508.
請參閱第七圖(b),其為本發明另一較佳實施例授權一程式的系統60的示意圖,其包含授權一程式的裝置62以及一遠端伺服器606。授權一程式的裝置62包含一行動裝置601以及一主機611。該主機611包含一作業系統602、驅動程式608、以及隨機存取記憶體612。該行動裝置601包含一韌體(Firmware)607、以及程式609,該程式609包含一標頭6090。在一較佳實施例中,該作業系統602接收一啟動程式指令604並啟動該程式609,並讀取該標頭6090。 Please refer to FIG. 7(b), which is a schematic diagram of a system 60 for authorizing a program according to another preferred embodiment of the present invention, including a device 62 for authorizing a program and a remote server 606. The device-authorized device 62 includes a mobile device 601 and a host 611. The host 611 includes an operating system 602, a driver 608, and a random access memory 612. The mobile device 601 includes a firmware 607 and a program 609. The program 609 includes a header 6090. In a preferred embodiment, the operating system 602 receives an initiator command 604 and launches the program 609 and reads the header 6090.
在第七圖(b)中,作業系統602與行動裝置601之間由一驅動程式608來控制,該軔體607包含該授權驗證元件603,該軔體607與該驅動程式608合作以傳送以及控制該程式609。當行動裝置601與該主機611耦接時,在授權驗證之前,該程式609的標頭6090藉由該驅動程式608、該作業系統602而在隨機存取記憶體612先被讀取,以確認該程式609所需之記憶體大小等資訊,然後該作業系統604分配(allocate)給該程式609一個新的程序並啟動之,此時授權驗證元件603被啟動以使該作業系統604經由該驅動程式608而與該韌體607配合來進行授權驗證。在授權驗證通過之前,軔體607中斷該程式609從該行動裝置傳送至該主機611,驅動程式608中斷作業系統604將程式609載入隨機存取記憶體612執行。 In the seventh diagram (b), the operating system 602 and the mobile device 601 are controlled by a driver 608, which includes the authorization verification component 603, and the cartridge 607 cooperates with the driver 608 to transmit and Control the program 609. When the mobile device 601 is coupled to the host 611, the header 6090 of the program 609 is read in the random access memory 612 by the driver 608 and the operating system 602 before the authorization verification. The program 609 requires information such as the size of the memory, and then the operating system 604 allocates a new program to the program 609 and launches it, at which point the authorization verification component 603 is activated to cause the operating system 604 to pass the driver. The program 608 cooperates with the firmware 607 for authorization verification. Before the authorization verification is passed, the body 607 interrupts the transfer of the program 609 from the mobile device to the host 611, and the driver 608 interrupts the operating system 604 to load the program 609 into the random access memory 612 for execution.
授權驗證通過後該韌體607允許該程式609從該行動裝置傳送至該主機611而不會被中斷,該驅動程式608允許該程式609藉由作業系統602載入到隨機存取記憶體612執行,而不會被該驅動程式608中斷,在另一較佳實施例中,授權驗證可由授權驗證元件603與遠端伺服器606或作業系統602配合來進行。 After the authorization verification is passed, the firmware 607 allows the program 609 to be transferred from the mobile device to the host 611 without being interrupted. The driver 608 allows the program 609 to be loaded into the random access memory 612 by the operating system 602. Without being interrupted by the driver 608, in another preferred embodiment, authorization verification may be performed by the authorization verification component 603 in conjunction with the remote server 606 or the operating system 602.
第七圖(b)中,行動裝置601可為一隨身硬碟,該作業系統602包含:嵌入式作業系統、Windows作業系統、Linux作業系統、以及Solaris作業系統的其中之一。 In the seventh diagram (b), the mobile device 601 can be a portable hard disk. The operating system 602 includes one of an embedded operating system, a Windows operating system, a Linux operating system, and a Solaris operating system.
請參閱第八圖,其為本發明另一較佳實施例授權一程式的方法之示意圖。該方法包含下列步驟:步驟S801,選取一特定程式。步驟S802,由一本地作業系統本身或一遠端伺服器進行一授權驗證。步驟S803,當該授權驗證通過後,許該作業系統將該特定程式載入至一特定記憶體。 Please refer to the eighth figure, which is a schematic diagram of a method for authorizing a program according to another preferred embodiment of the present invention. The method comprises the following steps: Step S801, selecting a specific program. In step S802, an authorization verification is performed by a local operating system itself or a remote server. Step S803, after the authorization verification is passed, the operating system is allowed to load the specific program into a specific memory.
在第八圖中,該特定記憶體係由一使用者選定一記憶體路徑,該方法更包含:使該特定程式從一雲端主機儲存至一軟體主機中。從該軟體主機傳送該特定程式至一區域網路主機。該方法更包含:中斷該程式的執行,待該授權驗證通過後該授權驗證元件允許該程式繼續執行。 In the eighth figure, the specific memory system selects a memory path by a user, and the method further comprises: storing the specific program from a cloud host to a software host. Transfer the specific program from the software host to a regional network host. The method further comprises: interrupting execution of the program, and the authorization verification component allows the program to continue execution after the authorization verification is passed.
請參閱第九圖,其為本發明在一程式交易裝置62中授權一程式609的方法的示意圖,該程式交易裝置62包含一主機611與一行動裝置601,該方法包含下列步驟:步驟S901,耦接該行動裝置601與該主機611。步驟S902,該行動裝置601中的一軔體607中斷該程式609從該行動裝置601傳送至該主機611,且該主機611中的一驅動程式608中斷該程式609藉由該主機611中的一作業系統602載入該主機611中的一隨機存取記憶體612執行。步驟S903,該行動裝置601中的一授權驗證元件603被啟動以使該作業系統602經由該驅動程式608而與該韌體607配合來進行一授權驗證。步驟S904,當該授權驗證通過後,該軔體607允許該程式609從該行動裝置601傳送到該主機611,且該驅動程式608允許該程式609藉由該作業系統602載入該隨機存取記憶體612執行。 Please refer to the ninth figure, which is a schematic diagram of a method for authorizing a program 609 in a program transaction device 62. The program transaction device 62 includes a host 611 and a mobile device 601. The method includes the following steps: Step S901, The mobile device 601 is coupled to the host 611. Step S902, a unit 607 in the mobile device 601 interrupts the program 609 from the mobile device 601 to the host 611, and a driver 608 in the host 611 interrupts the program 609 by one of the hosts 611. The operating system 602 is loaded into a random access memory 612 in the host 611 for execution. In step S903, an authorization verification component 603 in the mobile device 601 is activated to enable the operating system 602 to cooperate with the firmware 607 to perform an authorization verification via the driver 608. Step S904, after the authorization verification is passed, the body 607 allows the program 609 to be transferred from the mobile device 601 to the host 611, and the driver 608 allows the program 609 to load the random access by the operating system 602. Memory 612 is executed.
實施例 Example
1.一種授權一程式的方法,該程式儲存於一儲存裝置或一遠端伺服器中並包含複數執行檔,該複數執行檔包含一第一執行檔與一第二執行檔,該第一執行檔包含一第一標頭,該第二執行檔包含一第二標頭,該方法包含下列步驟:使一作業系統接收一程式啟動指令並啟動該程式。使該作業系統將該第一標頭儲存於該儲存裝置中以讀取該第一標頭,並使一授權驗證元件中斷該作業系統將該第一執行檔載入一隨機存取記憶體中執行。使該授權驗證元件與該作業系統或該遠端伺服器配合,以進行一授權驗證。當該第一執行檔通過該授權驗證後,該授權驗證元件允許該第一執行檔載入至該雖機存取記憶體中執行。當該第二執行檔被使用時,該作業系統讀取該第二標頭,並由該授權驗證元件與該作業系統或該遠端伺服器配合,以進行另一授權驗證。 A method for authorizing a program, the program being stored in a storage device or a remote server and comprising a plurality of executable files, the plurality of executable files comprising a first execution file and a second execution file, the first execution The file includes a first header and the second executable includes a second header. The method includes the steps of: causing an operating system to receive a program launch command and launch the program. Having the operating system store the first header in the storage device to read the first header, and causing an authorization verification component to interrupt the operating system to load the first execution file into a random access memory carried out. The authorization verification component is mated with the operating system or the remote server for an authorization verification. After the first execution file is verified by the authorization, the authorization verification component allows the first execution file to be loaded into the execution memory. When the second executable is used, the operating system reads the second header and the authorization verification component cooperates with the operating system or the remote server to perform another authorization verification.
2.如實施例1所述的方法,該方法更包含下列步驟:當該授權驗證未通過時,該作業系統讀取一毀損檔案,以結束該程式,或使該作業系統無法讀取該程式而使該程式發生錯誤,以結束該程式。。當該第二執行檔通過該另一授權驗證後,該授權驗證元件允許該第二執行檔載入該隨機存取記憶體中。 2. The method of embodiment 1, further comprising the step of: when the authorization verification fails, the operating system reads a corrupted file to end the program or disable the operating system from reading the program. And the program has an error to end the program. . After the second executable file is verified by the other authorization, the authorization verification component allows the second execution file to be loaded into the random access memory.
3.一種授權一程式的方法,包含下列步驟:使一作業系統接收一程式啟動指令並啟動該程式。在該作業系統載入該程式前,使一授權驗證元件與該作業系統之本身或一遠端伺服器配合以進行一授權驗證。當該授權驗證通過後,使該作業系統或一儲存裝置取得一權杖。 3. A method of authorizing a program comprising the steps of: causing an operating system to receive a program launch command and launch the program. An authorization verification component is coupled to the operating system itself or a remote server to perform an authorization verification before the operating system loads the program. When the authorization verification is passed, the operating system or a storage device obtains a token.
4.如實施3所述的方法,其中:該授權驗證元件中斷該作業系統將該程式載入,待該授權驗證通過後該授權驗證元件允許該作業系統將該程式繼續載入。。該權杖包含一匿名權杖以及一非匿名權杖。該匿名權杖用於一公用電腦,該非匿名權杖用於一私人電腦。該授權驗證包含 一永久授權驗證、一租用授權驗證、以及一試用授權驗證的其中之一。當該授權驗證為該租用授權驗證或該試用授權驗證時,該授權驗證元件與該遠端伺服器配合以進行該授權驗證。當該授權驗證為該永久授權驗證,且該遠端伺服器無法連線時,該授權驗證元件與該作業系統配合以進行該授權驗證。該方法更包含下列步驟:當該匿名權杖被檢驗通過且該程式關閉時,該程式的資料恢復為一預設值。當該非匿名權杖被檢驗通過且該程式關閉時,該程式的資料維持其原狀態。 4. The method of embodiment 3, wherein: the authorization verification component interrupts the operating system to load the program, and the authorization verification component allows the operating system to continue loading the program after the authorization verification is passed. . The token includes an anonymous token and a non-anonymous token. The anonymous token is used for a public computer and the non-anonymous token is used for a personal computer. This authorization verification contains One of a permanent authorization verification, a lease authorization verification, and a trial authorization verification. When the authorization verification is the lease authorization verification or the trial authorization verification, the authorization verification component cooperates with the remote server to perform the authorization verification. When the authorization is verified as the permanent authorization verification and the remote server is unable to connect, the authorization verification component cooperates with the operating system to perform the authorization verification. The method further includes the following steps: when the anonymous token is checked and the program is closed, the program's data is restored to a preset value. When the non-anonymous token is checked and the program is closed, the program's data remains in its original state.
5.一種授權一程式的裝置,該程式包含一標頭,該裝置包含一儲存裝置、一檔案系統、一作業系統、以及一授權驗證元件。該作業系統接收一啟動程式指令並啟動該程式,並將該標頭儲存至該儲存裝置中以供該作業系統讀取該標頭。該授權驗證元件中斷該作業系統將該程式載入一隨機存取記憶體中執行,並與該作業系統或一遠端伺服器配合,以進行一授權驗證。其中當該授權驗證通過後,該授權驗證元件允許該程式繼續載入該隨機存取記憶體中執行。 5. A device for authorizing a program, the program comprising a header, the device comprising a storage device, a file system, an operating system, and an authorization verification component. The operating system receives an activation program command and starts the program, and stores the header in the storage device for the operating system to read the header. The authorization verification component interrupts the operating system to load the program into a random access memory and cooperates with the operating system or a remote server to perform an authorization verification. When the authorization verification is passed, the authorization verification component allows the program to continue to load the random access memory for execution.
6.如實施例5所述的裝置,其中該裝置更包含一驅動程式,該授權驗證元件在被通知通過授權驗證後,傳送一第一控制訊息、一第二控制訊息、以及一第三控制訊息的其中之一以分別控制該儲存裝置、該檔案系統、以及該驅動程式的其中之一,以允許將該程式從該遠端伺服器儲存到儲存裝置、將該程式透過該驅動程式從該儲存裝置儲存到該檔案系統、以及由該作業系統將該程式從檔案系統載入到該隨機存取記憶體中執行。當該授權驗證未通過時,該作業系統讀取一毀損檔案,以結束該程式,或使該作業系統無法讀取該程式而使該程式發生錯誤,以結束該程式。該授權驗證的方式包含一永久授權驗證、一租用授權驗證、以及一試用授權驗證的其中之一。當該授權驗證為該永久授權驗證時,該程式允許被無限 期使用。當該授權驗證為該租用授權驗證時,在一特定的時間間隔該程式允許被使用。當該授權驗證為該試用授權驗證時,在一試用時間到期時該程式被停止使用。該授權驗證更包含一網路授權或一電話授權,該網路授權的方式係利用驗證一第一授權碼來進行授權驗證,該第一授權碼包含一個人隱私相關訊息,該個人隱私相關訊息包含身分證字號、生日、或其任意組合,該電話授權的方式係利用一電話號碼來進行授權驗證,當該電話授權被驗證時,該電話號碼用以取得一第二授權碼,該第二授權碼被用來通過該電話授權的授權驗證。 6. The device of embodiment 5, wherein the device further comprises a driver, the authorization verification component transmitting a first control message, a second control message, and a third control after being notified of the authorization verification. One of the messages to control one of the storage device, the file system, and the driver to allow the program to be stored from the remote server to the storage device, and the program is The storage device is stored in the file system, and the program is loaded from the file system into the random access memory by the operating system. When the authorization verification fails, the operating system reads a corrupted file to end the program, or makes the operating system unable to read the program and causes the program to make an error to end the program. The method of authorization verification includes one of a permanent authorization verification, a lease authorization verification, and a trial authorization verification. When the authorization is verified as the permanent authorization verification, the program is allowed to be unlimited Period use. When the authorization is verified as the lease authorization verification, the program is allowed to be used at a specific time interval. When the authorization is verified as the trial authorization verification, the program is stopped when the trial time expires. The authorization verification further includes a network authorization or a telephone authorization, and the network authorization method is to perform authorization verification by using a verification first authorization code, where the first authorization code includes a person privacy related information, and the personal privacy related information includes The identity card number, birthday, or any combination thereof, the way the phone is authorized is to use a phone number for authorization verification, when the phone authorization is verified, the phone number is used to obtain a second authorization code, the second authorization The code is used to authenticate the authorization authorized by the phone.
7.一種授權一程式的方法,包含下列步驟:選取一特定程式。由一本地作業系統本身或一遠端伺服器進行一授權驗證。當該授權驗證通過後,許該作業系統將該特定程式載入至一特定記憶體。 7. A method of authorizing a program comprising the steps of: selecting a particular program. An authorization verification is performed by a local operating system itself or a remote server. When the authorization verification is passed, the operating system loads the specific program into a specific memory.
8.如實施例7所述的方法,其中該方法更包含:使該特定程式從一雲端主機儲存至一軟體主機中。從該軟體主機傳送該特定程式至一區域網路主機。該方法更包含:中斷該程式的執行,待該授權驗證通過後該授權驗證元件允許該程式繼續執行。該授權驗證係驗證個人機密資訊,該個人機密資訊包含身分證字號、生日、或其任意組合。該特定記憶體係由一使用者選定一記憶體路徑。 8. The method of embodiment 7, wherein the method further comprises: storing the particular program from a cloud host to a software host. Transfer the specific program from the software host to a regional network host. The method further comprises: interrupting execution of the program, and the authorization verification component allows the program to continue execution after the authorization verification is passed. The authorization verification verifies the personal confidential information, which includes the identity card number, birthday, or any combination thereof. The particular memory system selects a memory path by a user.
9.一種程式交易裝置,包含一第一存取元件、一第二存取元件、以及一授權驗證元件。該第一存取元件存取一遠端程式庫,該遠端程式庫包含複數程式。該第二存取元件供一本地作業系統存取,以自該複數程式中選取一特定程式。該授權驗證元件與該本地作業系統本身或一遠端伺服器配合以進行一授權驗證,俾當該授權驗證通過後,許該特定程式被執行。 9. A program transaction device comprising a first access element, a second access element, and an authorization verification element. The first access element accesses a remote library, and the remote library includes a plurality of programs. The second access element is accessed by a local operating system to select a particular program from the plurality of programs. The authorization verification component cooperates with the local operating system itself or a remote server to perform an authorization verification, and when the authorization verification is passed, the specific program is executed.
10.如實施例9所述的裝置,其中該第一存取元件為一代理 伺服器硬碟或一雲端硬碟,該第二存取元件為一動態隨機存取記憶體(RAM)。該授權驗證元件中斷該本地作業系統將該程式載入該RAM中執行,待該授權驗證通過後該授權驗證元件允許該本地作業系統將該程式繼續載入該RAM中執行。當該程式交易裝置為一軟體主機時,該遠端伺服器為一雲端主機,該授權驗證在該雲端主機進行,該程式在該軟體主機被存取。當該程式交易裝置為一軟體主機,且該遠端伺服器無法連線、該遠端伺服器為一雲端主機時,該授權驗證在該軟體主機進行,該程式在該電腦主機被存取。當該程式交易裝置為一電腦主機時,該遠端伺服器為該軟體主機,該授權驗證在該軟體主機進行,該程式在該電腦主機被存取。當該授權驗證為該租用授權驗證或該試用授權驗證時,該授權驗證元件與該遠端伺服器配合以進行該授權驗證。當該授權驗證為該永久授權驗證,且該遠端伺服器無法連線時,該授權驗證元件與該作業系統配合以進行該授權驗證。當該授權驗證未通過時,由該作業系統讀取一毀損檔案,直到該授權驗證通過時,該授權驗證元件允許該作業系統將該特定程式載入該第一存取元件或該第二存取元件中。該授權驗證包含一永久授權驗證、一租用授權驗證、以及一試用授權驗證的其中之一。當該授權驗證為該永久授權驗證時,該程式允許被無限期使用。當該授權驗證為該租用授權驗證時,在一特定的時間間隔該程式允許被使用。當該授權驗證為該試用授權驗證時,在一試用時間到期時該程式被停止使用。該授權驗證更包含一網路授權或一電話授權,該網路授權的方式係利用驗證一第一授權碼來進行授權驗證,該第一授權碼包含一個人隱私相關訊息,該個人隱私相關訊息包含身分證字號、生日、或其任意組合,該電話授權的方式係利用一電話號碼來進行授權驗證,當該電話授權被驗證時,該電話號碼用以取得一第二授權碼,該第二授權碼被用來通過該電話授權的授權驗證。 10. The device of embodiment 9, wherein the first access element is an agent A server hard disk or a cloud hard disk, the second access element is a dynamic random access memory (RAM). The authorization verification component interrupts the local operating system to load the program into the RAM for execution. After the authorization verification is passed, the authorization verification component allows the local operating system to continue loading the program into the RAM for execution. When the program transaction device is a software host, the remote server is a cloud host, and the authorization verification is performed on the cloud host, and the program is accessed at the software host. When the program transaction device is a software host, and the remote server cannot be connected, and the remote server is a cloud host, the authorization verification is performed on the software host, and the program is accessed at the computer host. When the program transaction device is a computer host, the remote server is the software host, and the authorization verification is performed on the software host, and the program is accessed at the computer host. When the authorization verification is the lease authorization verification or the trial authorization verification, the authorization verification component cooperates with the remote server to perform the authorization verification. When the authorization is verified as the permanent authorization verification and the remote server is unable to connect, the authorization verification component cooperates with the operating system to perform the authorization verification. When the authorization verification fails, the operating system reads a corrupted file until the authorization verification passes, the authorization verification component allows the operating system to load the specific program into the first access element or the second storage Take the component. The authorization verification includes one of a permanent authorization verification, a lease authorization verification, and a trial authorization verification. When the authorization is verified as the permanent authorization verification, the program is allowed to be used indefinitely. When the authorization is verified as the lease authorization verification, the program is allowed to be used at a specific time interval. When the authorization is verified as the trial authorization verification, the program is stopped when the trial time expires. The authorization verification further includes a network authorization or a telephone authorization, and the network authorization method is to perform authorization verification by using a verification first authorization code, where the first authorization code includes a person privacy related information, and the personal privacy related information includes The identity card number, birthday, or any combination thereof, the way the phone is authorized is to use a phone number for authorization verification, when the phone authorization is verified, the phone number is used to obtain a second authorization code, the second authorization The code is used to authenticate the authorization authorized by the phone.
11.一種授權一程式的裝置,該裝置包含一主機以及一行動裝置。該主機包含一作業系統與一驅動程式。該行動裝置包含該程式與一韌體,該韌體包含一授權驗證元件其中當該行動裝置與該主機耦接時,該軔體中斷該程式從該行動裝置傳送至該主機,且該驅動程式中斷該程式藉由該作業系統載入一隨機存取記憶體執行,該授權驗證元件被啟動以使該作業系統經由該驅動程式而與該韌體配合來進行一授權驗證,當該授權驗證通過後,該軔體允許該程式從該行動裝置傳送到該主機,且該驅動程式允許該程式藉由該作業系統載入該隨機存取記憶體中執行。 11. A device for authorizing a program, the device comprising a host and a mobile device. The host includes an operating system and a driver. The mobile device includes the program and a firmware, the firmware includes an authorization verification component, wherein when the mobile device is coupled to the host, the firmware interrupts transmission of the program from the mobile device to the host, and the driver Interrupting the program is performed by the operating system loading a random access memory, the authorization verification component being activated to enable the operating system to cooperate with the firmware to perform an authorization verification via the driver, when the authorization verification is passed Thereafter, the body allows the program to be transferred from the mobile device to the host, and the driver allows the program to be loaded into the random access memory by the operating system.
12.一種在一程式交易裝置中授權一程式的方法,該程式交易裝置包含一主機與一行動裝置,該方法包含下列步驟:耦接該行動裝置與該主機。該行動裝置中的一軔體中斷該程式從該行動裝置傳送至該主機,且該主機中的一驅動程式中斷該程式藉由該主機中的一作業系統載入該主機中的一隨機存取記憶體執行。該行動裝置中的一授權驗證元件被啟動以使該作業系統經由該驅動程式而與該韌體配合來進行一授權驗證。當該授權驗證通過後,該軔體允許該程式從該行動裝置傳送到該主機,且該驅動程式允許該程式藉由該作業系統載入該隨機存取記憶體執行。 12. A method of authorizing a program in a program transaction device, the program transaction device comprising a host and a mobile device, the method comprising the steps of: coupling the mobile device to the host. A device in the mobile device interrupts the transfer of the program from the mobile device to the host, and a driver in the host interrupts the program to load a random access in the host by a working system in the host Memory execution. An authorization verification component of the mobile device is activated to cause the operating system to cooperate with the firmware to perform an authorization verification via the driver. When the authorization is verified, the body allows the program to be transferred from the mobile device to the host, and the driver allows the program to be loaded by the operating system to load the random access memory.
綜上所述,本發明的說明與實施例已揭露於上,然其非用來限制本發明,凡習知此技藝者,在不脫離本發明的精神與範圍之下,當可做各種更動與修飾,其仍應屬在本發明專利的涵蓋範圍之內。 In the above, the description and the embodiments of the present invention have been disclosed, and are not intended to limit the present invention, and those skilled in the art can make various changes without departing from the spirit and scope of the present invention. And modifications, which still fall within the scope of the present invention.
Claims (12)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW102123718A TWI617938B (en) | 2013-07-02 | 2013-07-02 | Device of licensing program, device of purchasing program and method of licensing program thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW102123718A TWI617938B (en) | 2013-07-02 | 2013-07-02 | Device of licensing program, device of purchasing program and method of licensing program thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TW201502842A TW201502842A (en) | 2015-01-16 |
| TWI617938B true TWI617938B (en) | 2018-03-11 |
Family
ID=52718409
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW102123718A TWI617938B (en) | 2013-07-02 | 2013-07-02 | Device of licensing program, device of purchasing program and method of licensing program thereof |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI617938B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI679541B (en) * | 2018-06-08 | 2019-12-11 | 廣達電腦股份有限公司 | Sharing expansion device, controlling method and computer using the same |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW200513088A (en) * | 2003-09-25 | 2005-04-01 | Xicco Information Netwodk Technology Co Ltd | The system and method for protecting digital content |
| US20090147985A1 (en) * | 2007-12-07 | 2009-06-11 | Xuemin Chen | METHOD AND SYSTEM FOR secure WATERMARK EMBEDDING AND EXTRACTION DATA FLOW ARCHITECTURE |
| TW201216095A (en) * | 2010-10-05 | 2012-04-16 | Digital Internet Commerce Net Ltd | A method for matching data, charging, protection, and to be paid by user by tracking mechanism of electronic file |
| TW201327440A (en) * | 2011-12-16 | 2013-07-01 | Chih-Wen Cheng | Cloud-computing based digital rights products commercial platform and digital rights management method |
-
2013
- 2013-07-02 TW TW102123718A patent/TWI617938B/en active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW200513088A (en) * | 2003-09-25 | 2005-04-01 | Xicco Information Netwodk Technology Co Ltd | The system and method for protecting digital content |
| US20090147985A1 (en) * | 2007-12-07 | 2009-06-11 | Xuemin Chen | METHOD AND SYSTEM FOR secure WATERMARK EMBEDDING AND EXTRACTION DATA FLOW ARCHITECTURE |
| TW201216095A (en) * | 2010-10-05 | 2012-04-16 | Digital Internet Commerce Net Ltd | A method for matching data, charging, protection, and to be paid by user by tracking mechanism of electronic file |
| TW201327440A (en) * | 2011-12-16 | 2013-07-01 | Chih-Wen Cheng | Cloud-computing based digital rights products commercial platform and digital rights management method |
Also Published As
| Publication number | Publication date |
|---|---|
| TW201502842A (en) | 2015-01-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10291619B2 (en) | System, method, and device for delivering communications and storing and delivering data | |
| US9910969B2 (en) | System, method, and device for delivering communications and storing and delivering data | |
| TWI492085B (en) | Method,device,and computer storage media for enhanced product functionality based on user identification | |
| JP4913871B2 (en) | Upgrade memory cards with security mechanisms to prevent copying of secure content and applications | |
| US9015479B2 (en) | Host device and method for super-distribution of content protected with a localized content encryption key | |
| JP4648239B2 (en) | Method and apparatus for ensuring data storage security while ensuring control by logical role | |
| TWI494786B (en) | Application program distribution system, application program distribution method, terminal and program product | |
| CN110663027A (en) | Protecting operating system configuration using hardware | |
| US9773099B2 (en) | System, method, and device for delivering communications and storing and delivering data | |
| US20070234073A1 (en) | Random password automatically generated by bios for securing a data storage device | |
| US20130156196A1 (en) | Storage Device and Method for Super-Distribution of Content Protected with a Localized Content Encyrption Key | |
| US10430564B2 (en) | Software wrapper and installer using timestamp validation and system identification validation | |
| CN108846263B (en) | Software authorization processing and running method and device and electronic equipment | |
| KR20200000448A (en) | Systems and methods for software activation and license tracking | |
| US20150013015A1 (en) | Method and apparatus for group licensing of device features | |
| CN105612715A (en) | Security processing unit with configurable access control | |
| CN102089765A (en) | Authentication for access to software development kit for a peripheral device | |
| TW200834371A (en) | Computerized apparatus and method for version control and management | |
| JP6931531B2 (en) | Device to license the program | |
| TWI617938B (en) | Device of licensing program, device of purchasing program and method of licensing program thereof | |
| TW201638775A (en) | Booting user devices to custom operating system (OS) images | |
| CN108141723B (en) | Method for managing application program | |
| KR101259716B1 (en) | System and method for strengthening security of mobile terminal | |
| WO2003093952A2 (en) | Method and system for providing secure authoring services for protected software | |
| KR101711024B1 (en) | Method for accessing temper-proof device and apparatus enabling of the method |