WO2012155456A1 - 一种许可控制方法及系统 - Google Patents
一种许可控制方法及系统 Download PDFInfo
- Publication number
- WO2012155456A1 WO2012155456A1 PCT/CN2011/081191 CN2011081191W WO2012155456A1 WO 2012155456 A1 WO2012155456 A1 WO 2012155456A1 CN 2011081191 W CN2011081191 W CN 2011081191W WO 2012155456 A1 WO2012155456 A1 WO 2012155456A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- license
- authentication request
- shared
- object system
- value
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 29
- 238000013475 authorization Methods 0.000 claims description 85
- 230000008676 import Effects 0.000 claims description 9
- 238000004891 communication Methods 0.000 claims description 2
- 230000008569 process Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000000977 initiatory effect Effects 0.000 description 3
- 238000000926 separation method Methods 0.000 description 3
- 239000002699 waste material Substances 0.000 description 3
- 230000008859 change Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/103—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for protecting copyright
Definitions
- the present invention relates to the field of software license management and control, and in particular, to a license control method and system.
- each license object system performs an authentication judgment according to the corresponding authorization value.
- the number of licensed objects may change (larger or smaller). If it is larger than the expected authorization value, the license file needs to be recreated. If it is smaller than the expected authorization value, the excess authorization is required. Values cannot be used by other licensed object systems, resulting in waste.
- the licenses are distributed among the small software systems.
- the number of license files is large, the control methods are not uniform, the license files are updated frequently, and the maintenance manpower is large.
- the technical problem to be solved by the present invention is to provide a license control method and system for realizing dynamic sharing of licenses.
- the present invention provides a license control method, the method comprising:
- the license control system configures a shared license (License) value of the license sharing group, and the license sharing group includes one or more license object systems;
- the license object system initiates a license authentication request to the license control system according to a user-initiated business operation; the license control system determines the license of the license object system according to the shared license value of the license sharing group in which the license object system is located Whether the authentication request is legal, and returns the license authentication result to the license object.
- the license control system stores a shared license file configured as a license sharing group, where the shared license file includes a configured dynamic sharing rule;
- the dynamically shared rule of the configuration includes the following information: a license function item, code information of each license object system in the license sharing group, and a shared license value.
- the license control system receives the license authentication request, according to the dynamic sharing rule of the shared license file, it is determined whether the license authentication request of the license object system is legal according to the following manner:
- the license control system determines whether the license consumption value of the license object system application included in the license authentication request and the recorded license consumption value of other license object systems in the license sharing group exceed the license
- the shared permission value of the function item if not exceeded, determines that the license authentication request is legal, and returns a license authentication success result; if it is exceeded, it determines that the license authentication request is invalid, and returns a license authentication failure result .
- the method further includes:
- the license control system saves and updates the license authorization real-time consumption record of the license sharing group, and the license authorization real-time consumption record includes the license consumption value of each license object system in the license sharing group.
- the present invention also provides a license control system, the system includes a license object system and a license authorization control module, and the license object system further includes a license application proxy module, wherein: the license application proxy module is set to, according to the user Initiating a business operation, initiating a license authentication request to the license authorization control module, where the license authentication request includes a license consumption value requested by the license object system;
- the license authorization control module is configured to: save the authorization information of the license object system; when receiving the license authentication request, determine, according to the saved license authorization information, whether the license authentication request of the license object system is legal, and The license authentication result is returned to the license object system.
- the license authorization information saved by the license authorization control module includes: coded information of the license object system and a corresponding license value;
- the license authorization control module is configured to determine, according to the saved license authorization information, whether the license authentication request of the license object system is legal according to the following manner: when receiving the license authentication request, determining that the license object system applies for Whether the license consumption value exceeds the license value corresponding to the license object system, if not, determining that the license authentication request is legal, and returning the license authentication success result; if it is exceeded, determining that the license authentication request is invalid And return the result of the license authentication failure.
- the present invention also provides another license control system, the system comprising a license object system and a license control server, the license control server further comprising a license authorization control module, wherein: the license object system is set to, according to the user Initiating a business operation to initiate a license authentication request to the license authorization control module, and receiving a license authentication result returned by the license authorization control module;
- the license authorization control module is configured to configure a shared license (License) value of the license sharing group, the license sharing group includes one or more license object systems; and, upon receiving the license authentication request initiated by the license object system When it is determined, based on the shared permission value of the license sharing group in which the license object system is located, it is determined whether the license authentication request of the license object system is legal, and the license authentication result is returned to the license object.
- Locense shared license
- the license authorization control module is configured to: store and manage a shared license file configured for the license sharing group, where the shared license file includes the configured dynamic sharing rule; wherein the configured dynamic sharing rule includes the following information : The license function item, the code information of each license object system in the license sharing group, and the shared license value.
- the license authorization control module is further configured to save and update a license authorization real-time consumption record of the license sharing group according to the license consumption value of the license object system application included in the license authentication request, the license Authorized real-time consumption records include the license sharing groups The permissible consumption value of the target system.
- the license object system further includes a service module and a license application proxy module, and the service module is configured to: when the user initiates a service operation by using the service module, initiate a request to the license application proxy module;
- the license application proxy module is configured to send a license authentication request to the license authorization control module according to a request of the service module, and include a license consumption value of the application in the license authentication request; and, receiving the location Dedicating the license authentication result of the license control module, and distributing the license authentication result to the corresponding service module;
- the license authorization control module is configured to: when receiving the license authentication request, determine, according to the dynamic sharing rule of the shared license file, whether the license authentication request of the license object system is legal according to the following manner: determining the license Whether the license consumption value of the license object system application included in the authentication request and the recorded license consumption value of the other license object systems in the license sharing group exceed the shared license value of the license function item, if not If it is exceeded, it is determined that the license authentication request is legal, and the license authentication success result is returned; if it is exceeded, it is determined that the license authentication request is invalid, and the license authentication failure result is returned.
- system further comprises a client in communication with said license control server, said client further comprising one or more of the following modules:
- Import license file interface set to provide a shared license file import portal
- the license legality check module is set to check the legality of the shared license file;
- the license content presentation module is configured to obtain and display the shared license file content from the license control server;
- the license consumption summary interface is set to obtain real-time consumption of licenses from the license control server and display them.
- the invention also provides a license authorization control device, comprising a configuration unit, a transceiver unit and a judgment unit, wherein:
- the configuration unit is configured to: configure a shared license (License) value of the license sharing group, where the license sharing group includes one or more license object systems;
- the transceiver unit is configured to: receive a license authentication request initiated by the license object system, and send Sending to the judging unit; and returning the license authentication result sent by the judging unit to the license object system;
- the determining unit is configured to: determine, according to the shared permission value of the license sharing group where the license object system is located, whether the license authentication request of the license object system is legal according to the license permission request; The license authentication result is sent to the transceiver unit.
- the license authorization control device further includes a storage management unit, and the storage management unit is configured to: store and manage a shared license file configured for the license sharing group, where the shared license file includes the configured dynamic sharing rule;
- the dynamically shared rule of the configuration includes the following information: a license function item, an encoding information of each license object system in the license sharing group, and a shared license value.
- the storage management unit is further configured to: save and update the license authorization real-time of the license sharing group according to the license consumption value requested by the license object system included in the license authentication request A consumption record, wherein the license authorization real-time consumption record includes a license consumption value of each license object system in the license sharing group.
- the determining unit is configured to: when receiving the license authentication request, determine the license of the license target system according to the dynamic sharing rule of the shared license file according to the following manner Whether the right request is legal: determining whether the license consumption value of the license object system application included in the license authentication request and the recorded license consumption value of other license object systems in the license sharing group exceed the license
- the shared permission value of the function item if not exceeded, determines that the license authentication request is legal, and returns a license authentication success result; if it is exceeded, it determines that the license authentication request is invalid, and returns a license authentication failure result .
- the above license control method and system by formulating a sharing rule, divide the license object system into one or more sharing groups according to the business plan, and the license object system in the same sharing group can share the license authorization value in the group, thereby realizing the license.
- Dynamic sharing when the license resources released by any one of the license object systems can be dynamically used by other license object systems, the license resource waste is avoided; and, as long as the license consumption value of the entire shared group does not exceed the total limit, there is no need to re-create the license.
- File which reduces the operation when the license file is updated.
- FIG. 1 is a schematic diagram showing the composition of a license control system according to an embodiment of the present invention
- FIG. 2 is a process flow diagram of a license control method according to an embodiment of the present invention.
- FIG. 3 is a structural diagram of a license authorization control apparatus according to an embodiment of the present invention. Preferred embodiment of the invention
- the present embodiment provides a license control method, which specifically uses the following technical solutions:
- the license object system initiates a license authentication request to the license control system according to the user-initiated business operation, where the license authentication request includes the license consumption value of the application;
- the license control system determines whether the license authentication request of the license object system is legal according to the saved license authorization information, and returns a license authentication result to the license object system.
- the license authorization information saved by the license control system includes: coded information of the license object system and a corresponding license value;
- the license control system When the license control system receives the license authentication request, it is determined whether the license consumption value requested by the license object system exceeds a license value corresponding to the license object system: if not exceeded, determining the license authentication request Legitimate, and return the successful result of the license authentication; if it is exceeded, it is determined that the license authentication request is invalid, and the result of the license authentication failure is returned.
- the embodiment further provides a license control system, which mainly includes a license object system and a license authorization control module, and the license object system further includes a license application proxy module, wherein:
- the license application proxy module is configured to initiate a license authentication request to the license authorization control module according to a service operation initiated by the user, where the license authentication request includes a license consumption value requested by the license object system;
- the license authorization control module is configured to: save the authorization information of the license object system; when receiving the license authentication request, determine, according to the saved license authorization information, whether the license authentication request of the license object system is legal, and The license authentication result is returned to the license object system.
- the license authorization information saved by the license authorization control module includes: coded information of the license object system and a corresponding license value;
- the license authorization control module is configured to determine, according to the saved license authorization information, whether the license authentication request of the license object system is legal according to the following manner: when receiving the license authentication request, determining that the license object system applies for Whether the license consumption value exceeds the license value corresponding to the license object system, if not, determining that the license authentication request is legal, and returning the license authentication success result; if it is exceeded, determining that the license authentication request is invalid And return the result of the license authentication failure.
- the present embodiment provides a license control method, which specifically uses the following technical solutions:
- the license control system configures a shared license (License) value of the license sharing group, and the license sharing group includes one or more license object systems;
- the license object system initiates a license authentication request to the license control system according to a user-initiated business operation; the license control system determines the license of the license object system according to the shared license value of the license sharing group in which the license object system is located Whether the authentication request is legal, and returns the license authentication result to the license object.
- the license control system stores a shared license file configured as a license sharing group, where the shared license file includes a configured dynamic sharing rule;
- the dynamically shared rule of the configuration includes the following information: a license function item, code information of each license object system in the license sharing group, and a shared license value.
- a license function item code information of each license object system in the license sharing group
- a shared license value code information of each license object system in the license sharing group
- the dynamic sharing rule of the license file determines whether the license authentication request of the license object system is legal according to the following manner:
- the license control system determines whether the license consumption value of the license object system application included in the license authentication request and the recorded license consumption value of other license object systems in the license sharing group exceed the license
- the shared permission value of the function item if not exceeded, determines that the license authentication request is legal, and returns a license authentication success result; if it is exceeded, it determines that the license authentication request is invalid, and returns a license authentication failure result .
- the method further includes: the license control system saving and updating a license authorization real-time consumption record of the license sharing group, wherein the license authorization real-time consumption record includes a license consumption value of each license object system in the license sharing group.
- the license control system determines the legality of the license authentication request, it can make a decision based on the current real-time consumption of the license sharing group.
- the method further comprises: registering the accessed license object system: when the license object system is started, the license control system needs to be registered, and the key (pre-set) check is required when registering, only having The license object system of the correct key can be successfully registered, otherwise it cannot be registered; only the registered license system can successfully perform the license authentication application.
- the license control client is responsible for providing the license file import portal; the license file legality check; the license file content display; and obtaining the license file consumption from the license control server in real time.
- the license control server is responsible for verifying and registering the legality of the controlled object connected to the system; responding to the license authentication request of the controlled object according to the dynamic sharing rule; real-time counting the license consumption and notifying the license control client.
- the license application agent module is deployed in the software of the controlled object, and is responsible for encrypting the license authentication request and transmitting it to the license control server; receiving the license authentication result message of the license control server, and decrypting the message, and then distributing it to Application module.
- the license control flow of the embodiment of the present invention mainly includes Next steps:
- the first step According to 1. The user's live network situation, 2. License entry in the contract, 3. License object system (also known as controlled object) sharing rules, partition license sharing group, and for each license The shared group creates a corresponding shared license file.
- License object system also known as controlled object
- partition license sharing group creates a corresponding shared license file.
- the file In addition to the authorization information of the specific licensed function, the file also contains the encoding information of the controlled object, and then the license file is released to the software user.
- Step 2 Import the license file into the control system through the license import port of the license control client.
- Step 3 At the time of system startup, the business module of the controlled object registers with the license control server through the license application agent module.
- the system code information of the controlled object, key information (pre-set), and the registration request are initiated according to a pre-defined format; only the controlled object with the correct key information can be successfully registered.
- Step 4 After the registration is successful, when the user performs related business operations, a license authentication request is triggered, and the service module initiates a license authentication request to the license control server through the license application proxy module; wherein, the license authentication request carries the license request Control object encoding information, license function items, information on the license consumption value of the application.
- Step 5 The license authorization control module of the license control server determines whether the license authentication request is legal according to the dynamic sharing rule of the current license file, and returns the corresponding license authentication result to the applicant.
- Step 6 The license application agent parses the returned license authentication result and returns the license authentication result to the service module that initiated the request.
- Step 7 The service module determines the result of the request. If successful, the user performs the next operation. Otherwise, the user is prompted to apply for the correct license.
- the license control system of the embodiment of the present invention mainly includes the following logical components. section:
- the license control client the import license interface is responsible for providing the license file import portal; the license legality check module is responsible for the license file legality check; the license content presentation interface is used for the license file content display; and the license consumption summary interface is used for the real-time license control service. The end obtains the license to authorize real-time consumption.
- the license control server the registration module is responsible for verifying and registering the legality of the controlled object accessing the system; the license authorization control module is configured to respond to the license authentication request of the controlled object according to the dynamic sharing rule, and real-time statistics The license consumes the situation and notifies the license control client.
- the license object system including the service module, further includes a license application agent module, and the license application agent module is deployed in the software of the controlled object, and is responsible for encrypting the license authentication request and transmitting it to the license control server; receiving the license control server license certificate The result message, and is responsible for decrypting the message and then distributing it to the corresponding business module.
- the license control process of the embodiment of the present invention mainly includes the following steps: Step 1.
- the service module of the controlled object registers with the license control server through the license application proxy module.
- Step 2 The registration module of the license control server registers it to determine whether the registration is successful. If it succeeds, go to step 4. Otherwise, go to step 3.
- Step 3 Registration failed, exiting the registration process.
- Step 4 The registration is successful, and a certain software operation of the user triggers the service module of the controlled system to initiate a license authentication request through the license application proxy module.
- Step 5 The license application proxy module initiates an authentication request to the license control server.
- Step 6 The license control module of the license control server determines whether the request is legal according to the dynamic sharing rule of the current license file. If it is legal, execute step 8. Otherwise, go to step 7.
- the dynamic sharing rule configured by the license authorization control module mainly includes the following information:
- License function item license object system code information sharing permission value Function 1 SystemA, SystemB 100
- Functionl authorization values that is, 10 are added on the original basis
- Step 7 If the authentication request is invalid, return to the service module and prompt the user to apply for a matching license file.
- Step 8 The authentication request is legal, the license authorization consumption record is refreshed in real time, and the license control client is notified to refresh.
- Step 9 Allow the user to proceed to the next step, and the process ends.
- the present invention further provides a license authorization control apparatus, as described in FIG. 3, including a configuration unit 301, a transceiver unit 302, and a determination unit 303, wherein:
- the configuration unit 301 is configured to: configure a shared license (License) value of the license sharing group, where the license sharing group includes one or more license object systems;
- the transceiver unit 302 is configured to: receive a license authentication request initiated by the license object system, send the request to the determining unit, and return a license authentication result sent by the determining unit to the license object system;
- the determining unit 303 is configured to: determine, according to the shared permission value of the license sharing group where the license object system is located, whether the license authentication request of the license object system is legal according to the license authentication request; Send the license authentication result to the transceiver unit.
- the license authorization control device further includes a storage management unit 304, wherein the storage management unit is configured to: store and manage a shared license file configured for the license sharing group, where the shared license file includes the configured dynamic sharing.
- Rule 304 the storage management unit is configured to: store and manage a shared license file configured for the license sharing group, where the shared license file includes the configured dynamic sharing.
- the dynamic sharing rule of the configuration includes the following information: a licensed function item, a license sharing Encoding information and shared license values for each license object system within the group.
- the storage management unit 304 is further configured to: save and update the license authorization of the license sharing group according to the license consumption value requested by the license object system included in the license authentication request
- the real-time consumption record includes the license consumption value of each license object system in the license sharing group in the real-time consumption record.
- the determination unit 303 is configured to: when receiving the license authentication request, determine the license of the license target system according to the dynamic sharing rule of the shared license file in the following manner Whether the authentication request is legal: determining whether the license consumption value of the license object system application included in the license authentication request is greater than the sum of the license consumption values of other license object systems in the license sharing group The shared permission value of the license function item, if not exceeded, determines that the license authentication request is legal, and returns a license authentication success result; if it is exceeded, it determines that the license authentication request is invalid, and returns the license authentication failure result.
- modules or steps of the embodiments of the present invention can be implemented by a general computing device, which can be concentrated on a single computing device or distributed among multiple computing devices. Alternatively, they may be implemented by program code executable by the computing device, such that they may be stored in the storage device by the computing device and, in some cases, may be different from The steps shown or described are performed sequentially, or they are separately fabricated into individual integrated circuit modules, or a plurality of modules or steps thereof are fabricated into a single integrated circuit module. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.
- the above technical solution provides a license control method and system, and realizes dynamic sharing of licenses.
- Said The license control method and system by formulating the sharing rule, divide the license object system into one or more sharing groups according to the business plan, and the license object system in the same sharing group can share the license authorization value in the group, realizing the dynamic of the license. Sharing, when the license resource released by any one of the license object systems can be dynamically used by other license object systems, the license resource waste is avoided; and, as long as the license consumption value of the entire shared group does not exceed the total limit, there is no need to re-create the license file. , reduces the operation when the license file is updated.
- the invention realizes the dynamic sharing of multiple application systems, and has the characteristics of security, high efficiency, separation of license consumption and management, and especially in the telecommunication network management system, the advantages are particularly obvious.
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
本发明公开了一种许可控制方法及系统,许可控制系统配置许可共享组的共享许可值,许可共享组中包括一个或多个许可对象系统;许可对象系统根据用户发起的业务操作向许可控制系统发起许可鉴权请求;许可控制系统根据许可对象系统所在的许可共享组的共享许可值,判定许可对象系统的许可鉴权请求是否合法,并向许可对象返回许可鉴权结果。与现有技术相比,本发明实现了多个应用系统的动态共享,且具有安全、高效、许可消耗与管理相分离等特点,特别是在电信网管系统中,优势尤其明显。
Description
一种许可控制方法及系统
技术领域
本发明涉及软件许可证管理、 控制领域, 尤其涉及一种许可控制方法及 系统。
背景技术
随着软件行业的飞速发展,人们对软件知识产权的保护意识也不断增强, 特别是大型商业软件, 都需要有一套完整的知识产权保护机制。 目前常见的 做法是通过许可文件授权的方式保护软件知识产权, 通过这种方法可以有效 遏制软件被大量盗版使用, 保护软件作者利益的同时也维护了合法购买者的 正当权利。
目前的许可控制方法, 需要预期规定每一个许可对象的授权值, 每个许 可对象系统依据所对应的授权值进行鉴权判断。 但是, 在实际使用过程中, 许可对象的业务数量可能发生变化(变大或者变小) , 如果变大, 超过了预 期授权值, 则需要重新制作 license文件, 如果小于预期授权值, 过剩的授权 值也不能被其他许可对象系统使用, 造成浪费。
综上所述, 现有的许可管理技术中, 还存在如下技术问题:
1. License (许可 )分散在各个小的软件系统中, 导致 License文件数量 大、 管控方法不统一, License文件更新频繁, 维护人力投入大;
2. 更新 License文件需要重新启动系统;
3. 应用系统的许可消耗和控制混在一起, 逻辑复杂。 发明内容
本发明解决的技术问题是提供一种许可控制方法及系统, 实现许可动态 共享。
为解决上述技术问题, 本发明提供了一种许可控制方法, 所述方法包括:
许可控制系统配置许可共享组的共享许可 (License)值, 所述许可共享组 中包括一个或多个许可对象系统;
许可对象系统根据用户发起的业务操作向所述许可控制系统发起许可鉴 权请求; 所述许可控制系统根据所述许可对象系统所在的许可共享组的共享许可 值, 判定所述许可对象系统的许可鉴权请求是否合法, 并向所述许可对象返 回许可鉴权结果。
优选地, 所述许可控制系统存储为许可共享组配置的共享 License文件, 所述共享 License文件中包括配置的动态共享规则;
所述配置的动态共享规则, 包括如下信息: 许可功能项、 许可共享组内 各许可对象系统的编码信息、 共享许可值。
优选地, 所述许可控制系统接收到所述许可鉴权请求时, 根据所述共享 License文件的动态共享规则, 按照以下方式判定所述许可对象系统的许可鉴 权请求是否合法:
所述许可控制系统判断所述许可鉴权请求中包含的所述许可对象系统申 请的许可消耗值, 与记录的所述许可共享组内其他许可对象系统的许可消耗 值的总和是否超出所述许可功能项的共享许可值, 如果未超出, 则判定所述 许可鉴权请求合法, 并返回许可鉴权成功结果; 如果超出, 则判定所述许可 鉴权请求不合法, 并返回许可鉴权失败结果。
优选地, 所述方法还包括:
所述许可控制系统保存并更新许可共享组的许可授权实时消耗记录, 所 述许可授权实时消耗记录中包括所述许可共享组内各许可对象系统的许可消 耗值。
本发明还提供了一种许可控制系统, 所述系统包括许可对象系统和许可 授权控制模块, 所述许可对象系统中进一步包括许可申请代理模块, 其中: 所述许可申请代理模块设置为, 根据用户发起的业务操作, 向所述许可 授权控制模块发起许可鉴权请求, 所述许可鉴权请求中包含所述许可对象系 统申请的许可消耗值;
所述许可授权控制模块设置为, 保存许可对象系统的授权信息; 在接收 到所述许可鉴权请求时, 根据保存的所述许可授权信息判定述许可对象系统 的许可鉴权请求是否合法, 并向所述许可对象系统返回许可鉴权结果。
优选地, 所述许可授权控制模块保存的所述许可授权信息, 包括: 许可 对象系统的编码信息与对应的许可值;
所述许可授权控制模块设置为, 根据保存的许可授权信息, 按照以下方 式判定述许可对象系统的许可鉴权请求是否合法: 接收到所述许可鉴权请求 时, 判断所述许可对象系统申请的许可消耗值是否超出所述许可对象系统对 应的许可值, 如果未超出, 则判定所述许可鉴权请求合法, 并返回许可鉴权 成功结果; 如果超出, 则判定所述许可鉴权请求不合法, 并返回许可鉴权失 败结果。
本发明还提供了另一种许可控制系统, 所述系统包括许可对象系统和许 可控制服务端, 所述许可控制服务端进一步包括许可授权控制模块, 其中: 所述许可对象系统设置为, 根据用户发起的业务操作向所述许可授权控 制模块发起许可鉴权请求, 并接收所述许可授权控制模块返回的许可鉴权结 果;
所述许可授权控制模块设置为, 配置许可共享组的共享许可 (License)值, 所述许可共享组中包括一个或多个许可对象系统; 以及, 在接收到许可对象 系统发起的许可鉴权请求时, 根据所述许可对象系统所在的许可共享组的共 享许可值, 判定所述许可对象系统的许可鉴权请求是否合法, 并向所述许可 对象返回许可鉴权结果。
优选地, 所述许可授权控制模块设置为, 存储并管理为许可共享组配置 的共享 License文件, 所述共享 License文件中包括配置的动态共享规则; 其中, 所述配置的动态共享规则包括如下信息: 许可功能项、 许可共享 组内各许可对象系统的编码信息、 共享许可值。
优选地, 所述许可授权控制模块还设置为, 根据所述许可鉴权请求中包 含的所述许可对象系统申请的许可消耗值, 保存并更新许可共享组的许可授 权实时消耗记录, 所述许可授权实时消耗记录中包括所述许可共享组内各许
可对象系统的许可消耗值。
优选地, 所述许可对象系统进一步包括业务模块和许可申请代理模块, 所述业务模块设置为, 用户通过本业务模块发起业务操作时, 向所述许 可申请代理模块发起请求;
所述许可申请代理模块设置为, 根据所述业务模块的请求, 向所述许可 授权控制模块发送许可鉴权请求, 并在所述许可鉴权请求中包含申请的许可 消耗值; 以及, 接收所述许可授权控制模块的许可鉴权结果, 并将所述许可 鉴权结果分发到相应的业务模块;
所述许可授权控制模块设置为, 接收到所述许可鉴权请求时, 根据所述 共享 License文件的动态共享规则 ,按照以下方式判定述许可对象系统的许可 鉴权请求是否合法: 判断所述许可鉴权请求中包含的所述许可对象系统申请 的许可消耗值, 与记录的所述许可共享组内其他许可对象系统的许可消耗值 的总和是否超出所述许可功能项的共享许可值, 如果未超出, 则判定所述许 可鉴权请求合法, 并返回许可鉴权成功结果; 如果超出, 则判定所述许可鉴 权请求不合法, 并返回许可鉴权失败结果。
优选地, 所述系统还包括与所述许可控制服务端相通信的客户端, 所述 客户端进一步包括以下模块中的一个或多个:
导入许可文件界面, 设置为提供共享 License文件导入入口;
许可合法性检查模块, 设置为共享 License文件的合法性检查; 许可内容展现模块,设置为从所述许可控制服务端获取共享 License文件 内容并展示;
许可消耗汇总界面, 设置为从许可控制服务端获取许可授权实时消耗情 况并展示。
本发明还提供了一种许可授权控制装置, 包括配置单元, 收发单元和判 断单元, 其中:
所述配置单元设置为: 配置许可共享组的共享许可 (License)值, 所述许 可共享组中包括一个或多个许可对象系统;
所述收发单元设置为: 接收所述许可对象系统发起的许可鉴权请求, 发
送给所述判断单元; 以及将所述判断单元发送来的许可鉴权结果返回给所述 许可对象系统;
所述判断单元设置为: 在接收到所述许可鉴权请求时, 根据所述许可对 象系统所在的许可共享组的共享许可值, 判断所述许可对象系统的许可鉴权 请求是否合法; 以及将许可鉴权结果发送给收发单元。
优选地, 上述许可授权控制装置, 其还包括存储管理单元, 所述存储管 理单元设置为: 存储并管理为许可共享组配置的共享 License文件, 所述共享 License文件中包括配置的动态共享规则;
其中, 所述配置的动态共享规则包括如下信息: 许可功能项、 许可共享 组内各许可对象系统的编码信息和共享许可值。
优选地, 上述许可授权控制装置中, 所述存储管理单元还设置为: 根据 所述许可鉴权请求中包含的所述许可对象系统申请的许可消耗值, 保存并更 新许可共享组的许可授权实时消耗记录, 所述许可授权实时消耗记录中包括 所述许可共享组内各许可对象系统的许可消耗值。
优选地, 上述许可授权控制装置中, 所述判断单元是设置为: 接收到所 述许可鉴权请求时,根据所述共享 License文件的动态共享规则,按照以下方 式判定述许可对象系统的许可鉴权请求是否合法: 判断所述许可鉴权请求中 包含的所述许可对象系统申请的许可消耗值, 与记录的所述许可共享组内其 他许可对象系统的许可消耗值的总和是否超出所述许可功能项的共享许可 值, 如果未超出, 则判定所述许可鉴权请求合法, 并返回许可鉴权成功结果; 如果超出, 则判定所述许可鉴权请求不合法, 并返回许可鉴权失败结果。
上述许可控制方法及系统, 通过制定共享规则, 将许可对象系统按照业 务规划划分为一个或者多个共享组, 同一个共享组内的许可对象系统可以共 享组内的许可授权值, 实现了许可的动态共享, 当其中任意一个许可对象系 统释放的许可资源可以动态的被其他许可对象系统使用, 避免了许可资源浪 费; 并且, 只要整个共享组的许可消耗值没有超过总限制, 就无需重新制作 license文件, 减少了 license文件更新时的操作。 与现有技术相比较, 上述方 法和系统、 装置实现了多个应用系统的动态共享, 且具有安全、 高效、 许可 消耗与管理相分离等特点, 特别是在电信网管系统中, 优势尤其明显。
附图概述
此处所说明的附图用来提供对本发明实施方式的进一步理解, 构成本申 请的一部分, 本发明的示意性实施例及其说明用于解释本发明, 并不构成对 本发明的不当限定。 在附图中:
图 1是本发明实施例的许可控制系统的组成示意图;
图 2是本发明实施例的许可控制方法的处理流程图;
图 3为本发明实施例的许可授权控制装置结构图。 本发明的较佳实施方式
下文中将结合附图对本发明的实施例进行详细说明。 需要说明的是, 在 不冲突的情况下, 本申请中的实施例及实施例中的特征可以相互任意组合。
为实现许可的消耗与控制分离, 本实施方式提供一种许可控制方法, 具 体釆用如下技术方案:
许可对象系统根据用户发起的业务操作, 向许可控制系统发起许可鉴权 请求, 所述许可鉴权请求中包含申请的许可消耗值;
所述许可控制系统接收到所述许可鉴权请求时, 根据保存的许可 ( License )授权信息判定述许可对象系统的许可鉴权请求是否合法, 并向所 述许可对象系统返回许可鉴权结果。
其中, 所述许可控制系统保存的所述许可授权信息, 包括: 许可对象系 统的编码信息与对应的许可值;
所述许可控制系统接收到所述许可鉴权请求时, 判断所述许可对象系统 申请的许可消耗值是否超出所述许可对象系统对应的许可值: 如果未超出, 则判定所述许可鉴权请求合法, 并返回许可鉴权成功结果; 如果超出, 则判 定所述许可鉴权请求不合法, 并返回许可鉴权失败结果。
相应地, 本实施方式还提供了一种许可控制系统, 该系统主要包括许可 对象系统和许可授权控制模块, 许可对象系统中进一步包括许可申请代理模 块, 其中:
所述许可申请代理模块设置为, 根据用户发起的业务操作, 向所述许可 授权控制模块发起许可鉴权请求, 所述许可鉴权请求中包含所述许可对象系 统申请的许可消耗值;
所述许可授权控制模块设置为, 保存许可对象系统的授权信息; 在接收 到所述许可鉴权请求时, 根据保存的所述许可授权信息判定述许可对象系统 的许可鉴权请求是否合法, 并向所述许可对象系统返回许可鉴权结果。
优选地, 所述许可授权控制模块保存的所述许可授权信息, 包括: 许可 对象系统的编码信息与对应的许可值;
所述许可授权控制模块设置为, 根据保存的许可授权信息, 按照以下方 式判定述许可对象系统的许可鉴权请求是否合法: 接收到所述许可鉴权请求 时, 判断所述许可对象系统申请的许可消耗值是否超出所述许可对象系统对 应的许可值, 如果未超出, 则判定所述许可鉴权请求合法, 并返回许可鉴权 成功结果; 如果超出, 则判定所述许可鉴权请求不合法, 并返回许可鉴权失 败结果。
此外, 为实现多个对象系统的许可动态的共享, 本实施方式提供一种许 可控制方法, 具体釆用如下技术方案:
许可控制系统配置许可共享组的共享许可 (License)值, 所述许可共享组 中包括一个或多个许可对象系统;
许可对象系统根据用户发起的业务操作向所述许可控制系统发起许可鉴 权请求; 所述许可控制系统根据所述许可对象系统所在的许可共享组的共享许可 值, 判定所述许可对象系统的许可鉴权请求是否合法, 并向所述许可对象返 回许可鉴权结果。
具体地,许可控制系统中存储为许可共享组配置的共享 License文件, 所 述共享 License文件中包括配置的动态共享规则;
所述配置的动态共享规则, 包括如下信息: 许可功能项、 许可共享组内 各许可对象系统的编码信息、 共享许可值。
优选地, 所述许可控制系统接收到所述许可鉴权请求时, 根据所述共享
License文件的动态共享规则, 按照以下方式判定所述许可对象系统的许可鉴 权请求是否合法:
所述许可控制系统判断所述许可鉴权请求中包含的所述许可对象系统申 请的许可消耗值, 与记录的所述许可共享组内其他许可对象系统的许可消耗 值的总和是否超出所述许可功能项的共享许可值, 如果未超出, 则判定所述 许可鉴权请求合法, 并返回许可鉴权成功结果; 如果超出, 则判定所述许可 鉴权请求不合法, 并返回许可鉴权失败结果。
此外, 所述方法还包括: 所述许可控制系统保存并更新许可共享组的许 可授权实时消耗记录, 所述许可授权实时消耗记录中包括所述许可共享组内 各许可对象系统的许可消耗值。
许可控制系统在对许可鉴权请求进行合法性判定时, 可结合许可共享组 当前的实时消耗情况做判定。
优选地, 所述方法还包括对接入的许可对象系统进行注册: 当许可对象 系统启动时, 需要向许可控制系统进行注册, 注册时需要进行密钥 (预先已 设置好)校验, 只有拥有正确密钥的许可对象系统才能成功注册, 否则无法 注册; 只有注册成功的许可对象系统才能进行许可鉴权申请。
本实施方式的许可控制系统, 主要包括以下逻辑组成部分:
许可控制客户端, 负责提供 License文件导入入口; License文件合法性 检查; License文件内容展示; 实时从许可控制服务端获取 License文件消耗 情况。
许可控制服务端, 负责对接入该系统的受控对象的合法性进行校验、 注 册; 按照动态共享规则响应受控对象的 License鉴权请求; 实时统计 License 消耗情况并通知许可控制客户端。
许可申请代理模块,部署在受控对象的软件中, 负责将 License鉴权请求 加密后传递到许可控制服务端; 接收许可控制服务端的 License鉴权结果消 息, 并负责将此消息解密, 然后分发到应用模块。
基于上述的许可控制系统, 本发明实施方式的许可控制流程主要包括以
下步骤:
第一步: 根据 1.用户的现网组网情况, 2.合同中的 License条目, 3. 许 可对象系统(也称作受控对象) 的共享规则, 划分许可共享组, 并为每个许 可共享组制作相应共享 License文件,此文件中除了包含具体许可功能项的授 权信息外,还包含了受控对象的编码信息, 然后将 License文件发布给软件用 户。
第二步: 通过许可控制客户端的 License文件导入入口, 将 License文件 导入控制系统之中。
第三步: 在系统启动时, 受控对象的业务模块通过许可申请代理模块向 许可控制服务端进行注册。 在注册时, 需携带该受控对象的系统编码信息, 密钥信息 (预先设定好) , 按照预先规定好的格式发起注册请求; 只有拥有 正确的密钥信息的受控对象才能成功注册。
第四步: 注册成功后, 当用户进行相关业务操作, 会触发 License鉴权请 求, 业务模块通过许可申请代理模块向许可控制服务端发起许可鉴权请求; 其中, 许可鉴权请求中会携带受控对象编码信息, 许可功能项, 申请的 许可消耗值等信息。
第五步: 许可控制服务端的许可授权控制模块,根据当前 License文件的 动态共享规则, 判定许可鉴权请求是否合法, 并向申请者返回相应许可鉴权 结果。
第六步: 许可申请代理解析返回的许可鉴权结果, 并将许可鉴权结果返 回给发起请求的业务模块。
第七步: 业务模块判断请求结果, 如果成功则用于用户进行下一步操作, 否则提示用户申请正确的 License。
为使本发明实施方式的目的、 技术方案和优点更加清楚明白, 下文中将 结合附图对本发明的实施例进行详细说明。 需要说明的是, 在不冲突的情况 下, 本申请中的实施例及实施例中的特征可以相互任意组合。
如图 1所示, 本发明实施例的许可控制系统主要包括以下几个逻辑组成
部分:
许可控制客户端, 导入许可界面负责提供 License文件导入入口; 许可合 法性检查模块负责 License文件合法性检查; 许可内容展现界面用于 License 文件内容展示; 许可消耗汇总界面则用于实时从许可控制服务端获取许可授 权实时消耗情况。
许可控制服务端, 注册模块负责对接入该系统的受控对象的合法性进行 校验、 注册; 许可授权控制模块设置为按照动态共享规则响应受控对象的 License鉴权请求, 以及, 实时统计 License消耗情况并通知许可控制客户端。
许可对象系统, 包括业务模块, 还包括许可申请代理模块, 许可申请代 理模块部署在受控对象的软件中,负责将 License鉴权请求加密后传递到许可 控制服务端; 接收许可控制服务端的 License鉴权结果消息, 并负责将此消息 解密, 然后分发到相应的业务模块。
如图 2所示, 本发明实施例的许可控制流程, 主要包括如下步骤: 步骤 1.受控对象的业务模块通过许可申请代理模块向许可控制服务端进 行注册。
步骤 2. 许可控制服务端的注册模块对其进行注册, 判断是否注册成功, 成功则执行步骤 4 , 否则执行步骤 3。
步骤 3.注册失败, 退出注册流程。
步骤 4.注册成功, 用户的某个软件操作, 触发受控系统的业务模块通过 许可申请代理模块发起许可鉴权请求。
步骤 5.许可申请代理模块向许可控制服务端发起鉴权请求。
步骤 6.许可控制服务端的许可授权控制模块,依据当前 License文件的动 态共享规则判断请求是否合法, 合法则执行步骤 8, 否则执行步骤 7。
如表 1所示, 本发明实施方式一个示例中, 许可授权控制模块配置的动 态共享规则主要包括以下信息:
表 1 动态共享规则
许可功能项 许可对象系统编码信息 共享许可值
Function 1 SystemA、 SystemB 100
例如, 当前 SystemA、 SystemB分别已经消耗 30、 40个许可值。
当 SystemA再次发起鉴权请求, 申请 40个 Functionl授权值 (即在原来 的基础上增加了 10个); 则许可授权控制模块判断 SystemA消耗值加上当前 记录的 SystemB消耗值是否超过共享许可值, 此例中 40 + 40 =80, 小于共享 值 100 , 因此, 判定请求合法, 则返回许可鉴权成功消息, 并刷新 SystemA 消耗记录; 否则返回许可鉴权失败消息。
步骤 7.鉴权请求不合法, 返回业务模块, 提示用户申请匹配的 License 文件。
步骤 8.鉴权请求合法, 实时刷新许可授权消耗记录, 并通知许可控制客 户端刷新。
步骤 9.允许用户进行下一步操作, 本次流程结束。
本发明还提供了一种许可授权控制装置,如图 3所述,包括配置单元 301 , 收发单元 302和判断单元 303 , 其中:
所述配置单元 301 设置为: 配置许可共享组的共享许可 (License)值, 所 述许可共享组中包括一个或多个许可对象系统;
所述收发单元 302设置为:接收所述许可对象系统发起的许可鉴权请求, 发送给所述判断单元; 以及将所述判断单元发送来的许可鉴权结果返回给所 述许可对象系统;
所述判断单元 303设置为: 在接收到所述许可鉴权请求时, 根据所述许 可对象系统所在的许可共享组的共享许可值, 判断所述许可对象系统的许可 鉴权请求是否合法; 以及将许可鉴权结果发送给收发单元。
优选地, 上述许可授权控制装置, 其还包括存储管理单元 304, 所述存 储管理单元设置 304为: 存储并管理为许可共享组配置的共享 License文件, 所述共享 License文件中包括配置的动态共享规则;
其中, 所述配置的动态共享规则包括如下信息: 许可功能项、 许可共享
组内各许可对象系统的编码信息和共享许可值。
优选地, 上述许可授权控制装置中, 所述存储管理单元 304还设置为: 根据所述许可鉴权请求中包含的所述许可对象系统申请的许可消耗值, 保存 并更新许可共享组的许可授权实时消耗记录, 所述许可授权实时消耗记录中 包括所述许可共享组内各许可对象系统的许可消耗值。
优选地, 上述许可授权控制装置中, 所述判断单元 303是设置为: 接收 到所述许可鉴权请求时,根据所述共享 License文件的动态共享规则,按照以 下方式判定述许可对象系统的许可鉴权请求是否合法: 判断所述许可鉴权请 求中包含的所述许可对象系统申请的许可消耗值, 与记录的所述许可共享组 内其他许可对象系统的许可消耗值的总和是否超出所述许可功能项的共享许 可值, 如果未超出, 则判定所述许可鉴权请求合法, 并返回许可鉴权成功结 果; 如果超出, 则判定所述许可鉴权请求不合法, 并返回许可鉴权失败结果。
以上仅为本发明的优选实施案例而已, 并不用于限制本发明, 本发明还 可有其他多种实施例, 在不背离本发明精神及其实质的情况下, 熟悉本领域 的改变和变形都应属于本发明所附的权利要求的保护范围。
显然, 本领域的技术人员应该明白, 上述的本发明实施方式的各模块或 各步骤可以用通用的计算装置来实现, 它们可以集中在单个的计算装置上, 或者分布在多个计算装置所组成的网络上, 可选地, 它们可以用计算装置可 执行的程序代码来实现, 从而, 可以将它们存储在存储装置中由计算装置来 执行, 并且在某些情况下, 可以以不同于此处的顺序执行所示出或描述的步 骤, 或者将它们分别制作成各个集成电路模块, 或者将它们中的多个模块或 步骤制作成单个集成电路模块来实现。 这样, 本发明实施方式不限制于任何 特定的硬件和软件结合。
工业实用性
上述技术方案提供一种许可控制方法及系统, 实现许可动态共享。 所述
许可控制方法及系统, 通过制定共享规则, 将许可对象系统按照业务规划划 分为一个或者多个共享组, 同一个共享组内的许可对象系统可以共享组内的 许可授权值, 实现了许可的动态共享, 当其中任意一个许可对象系统释放的 许可资源可以动态的被其他许可对象系统使用, 避免了许可资源浪费; 并且, 只要整个共享组的许可消耗值没有超过总限制,就无需重新制作 license文件, 减少了 license文件更新时的操作。 与现有技术相比较, 本发明实现了多个应 用系统的动态共享, 且具有安全、 高效、 许可消耗与管理相分离等特点, 特 别是在电信网管系统中, 优势尤其明显。
Claims
1、 一种许可控制方法, 其包括:
许可控制系统配置许可共享组的共享许可值, 所述许可共享组中包括一 个或多个许可对象系统;
许可对象系统根据用户发起的业务操作向所述许可控制系统发起许可鉴 权请求; 以及 所述许可控制系统根据所述许可对象系统所在的许可共享组的共享许可 值, 判断所述许可对象系统的许可鉴权请求是否合法, 并向所述许可对象系 统返回许可鉴权结果。
2、 如权利要求 1所述的方法, 其还包括:
所述许可控制系统存储为许可共享组配置的共享许可文件, 所述共享许 可文件中包括配置的动态共享规则;
所述配置的动态共享规则, 包括如下信息: 许可功能项、 许可共享组内 各许可对象系统的编码信息和共享许可值。
3、 如权利要求 2所述的方法, 其中,
所述许可控制系统根据所述许可对象系统所在的许可共享组的共享许可 值判断所述许可对象系统的许可鉴权请求是否合法的步骤包括:
所述许可控制系统接收到所述许可鉴权请求时, 根据所述共享许可文件 的动态共享规则, 判断所述许可鉴权请求中包含的所述许可对象系统申请的 许可消耗值, 与记录的所述许可共享组内其他许可对象系统的许可消耗值的 总和是否超出所述许可功能项的共享许可值, 如果未超出, 则判定所述许可 鉴权请求合法, 并返回许可鉴权成功结果; 如果超出, 则判定所述许可鉴权 请求不合法, 并返回许可鉴权失败结果。
4、 如权利要求 1、 2或 3所述的方法, 其还包括:
所述许可控制系统保存并更新许可共享组的许可授权实时消耗记录, 所 述许可授权实时消耗记录中包括所述许可共享组内各许可对象系统的许可消 耗值。
5、 一种许可控制系统, 其包括许可对象系统和许可授权控制模块, 所述 许可对象系统中包括许可申请代理模块, 其中:
所述许可申请代理模块设置为: 根据用户发起的业务操作, 向所述许可 授权控制模块发起许可鉴权请求, 所述许可鉴权请求中包含所述许可对象系 统申请的许可消耗值;
所述许可授权控制模块设置为: 保存许可对象系统的授权信息; 在接收 到所述许可鉴权请求时, 根据保存的所述许可授权信息判断述许可对象系统 的许可鉴权请求是否合法, 并向所述许可对象系统返回许可鉴权结果。
6、 如权利要求 5所述的系统, 其中,
所述许可授权控制模块保存的所述许可授权信息, 包括: 许可对象系统 的编码信息与对应的许可值;
所述许可授权控制模块是设置为: 根据保存的许可授权信息, 按照以下 方式判断述许可对象系统的许可鉴权请求是否合法: 接收到所述许可鉴权请 求时, 判断所述许可对象系统申请的许可消耗值是否超出所述许可对象系统 对应的许可值, 如果未超出, 则判定所述许可鉴权请求合法, 并返回许可鉴 权成功结果; 如果超出, 则判定所述许可鉴权请求不合法, 并返回许可鉴权 失败结果。
7、 一种许可控制系统, 其包括许可对象系统和许可控制服务端, 所述许 可控制服务端包括许可授权控制模块, 其中:
所述许可对象系统设置为: 根据用户发起的业务操作向所述许可授权控 制模块发起许可鉴权请求, 并接收所述许可授权控制模块返回的许可鉴权结 果;
所述许可授权控制模块设置为: 配置许可共享组的共享许可值, 所述许 可共享组中包括一个或多个许可对象系统; 以及, 在接收到所述许可对象系 统发起的许可鉴权请求时, 根据所述许可对象系统所在的许可共享组的共享 许可值, 判断所述许可对象系统的许可鉴权请求是否合法, 并向所述许可对 象系统返回许可鉴权结果。
8、 如权利要求 7所述的系统, 其中, 所述许可授权控制模块设置为: 存储并管理为许可共享组配置的共享许 可文件, 所述共享许可文件中包括配置的动态共享规则;
其中, 所述配置的动态共享规则包括如下信息: 许可功能项、 许可共享 组内各许可对象系统的编码信息和共享许可值。
9、 如权利要求 8所述的系统, 其中,
所述许可授权控制模块还设置为: 根据所述许可鉴权请求中包含的所述 许可对象系统申请的许可消耗值, 保存并更新许可共享组的许可授权实时消 耗记录, 所述许可授权实时消耗记录中包括所述许可共享组内各许可对象系 统的许可消耗值。
10、 如权利要求 8或 9所述的系统, 其中, 所述许可对象系统还包括业 务模块和许可申请代理模块,
所述业务模块设置为: 用户通过本业务模块发起业务操作时, 向所述许 可申请代理模块发起请求;
所述许可申请代理模块设置为: 根据所述业务模块的请求, 向所述许可 授权控制模块发送许可鉴权请求, 并在所述许可鉴权请求中包含申请的许可 消耗值; 以及, 接收所述许可授权控制模块的许可鉴权结果, 并将所述许可 鉴权结果分发到相应的业务模块;
所述许可授权控制模块是设置为: 接收到所述许可鉴权请求时, 根据所 述共享许可文件的动态共享规则, 按照以下方式判定述许可对象系统的许可 鉴权请求是否合法: 判断所述许可鉴权请求中包含的所述许可对象系统申请 的许可消耗值, 与记录的所述许可共享组内其他许可对象系统的许可消耗值 的总和是否超出所述许可功能项的共享许可值, 如果未超出, 则判定所述许 可鉴权请求合法, 并返回许可鉴权成功结果; 如果超出, 则判定所述许可鉴 权请求不合法, 并返回许可鉴权失败结果。
11、 如权利要求 8或 9所述的系统, 其还包括与所述许可控制服务端相 通信的客户端, 所述客户端包括以下模块中的一个或多个:
导入许可文件界面, 其设置为提供共享许可文件导入入口;
许可合法性检查模块, 其设置为共享许可文件的合法性检查; 许可内容展现模块, 其设置为从所述许可控制服务端获取共享许可文件 内容并展示;
许可消耗汇总界面, 其设置为从许可控制服务端获取许可授权实时消耗 情况并展示。
12、 一种许可授权控制装置, 其包括配置单元, 收发单元和判断单元, 其中:
所述配置单元设置为: 配置许可共享组的共享许可值, 所述许可共享组 中包括一个或多个许可对象系统;
所述收发单元设置为: 接收所述许可对象系统发起的许可鉴权请求, 发 送给所述判断单元; 以及将所述判断单元发送来的许可鉴权结果返回给所述 许可对象系统;
所述判断单元设置为: 在接收到所述许可鉴权请求时, 根据所述许可对 象系统所在的许可共享组的共享许可值, 判断所述许可对象系统的许可鉴权 请求是否合法; 以及将许可鉴权结果发送给收发单元。
13、 如权利要求 12所述的许可授权控制装置, 其还包括存储管理单元, 所述存储管理单元设置为: 存储并管理为许可共享组配置的共享许可文件, 所述共享许可文件中包括配置的动态共享规则;
其中, 所述配置的动态共享规则包括如下信息: 许可功能项、 许可共享 组内各许可对象系统的编码信息和共享许可值。
14、 如权利要求 12所述的许可授权控制装置, 其中, 所述存储管理单元 还设置为: 根据所述许可鉴权请求中包含的所述许可对象系统申请的许可消 耗值, 保存并更新许可共享组的许可授权实时消耗记录, 所述许可授权实时 消耗记录中包括所述许可共享组内各许可对象系统的许可消耗值。
15、 如权利要求 12所述的许可授权控制装置, 其中, 所述判断单元是设 置为: 接收到所述许可鉴权请求时, 根据所述共享许可文件的动态共享规则, 按照以下方式判定述许可对象系统的许可鉴权请求是否合法: 判断所述许可 鉴权请求中包含的所述许可对象系统申请的许可消耗值, 与记录的所述许可 共享组内其他许可对象系统的许可消耗值的总和是否超出所述许可功能项的
17 181102924 共享许可值, 如果未超出, 则判定所述许可鉴权请求合法, 并返回许可鉴权 成功结果; 如果超出, 则判定所述许可鉴权请求不合法, 并返回许可鉴权失 败结果。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP11865533.1A EP2746978B1 (en) | 2011-08-19 | 2011-10-24 | License control method and system thereof |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110239160.8 | 2011-08-19 | ||
CN201110239160.8A CN102957666B (zh) | 2011-08-19 | 2011-08-19 | 一种许可控制方法及系统 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012155456A1 true WO2012155456A1 (zh) | 2012-11-22 |
Family
ID=47176175
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2011/081191 WO2012155456A1 (zh) | 2011-08-19 | 2011-10-24 | 一种许可控制方法及系统 |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2746978B1 (zh) |
CN (1) | CN102957666B (zh) |
WO (1) | WO2012155456A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111160822A (zh) * | 2019-11-25 | 2020-05-15 | 广东俊杰农产品有限公司 | 一种新型关务管理系统 |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103841200B (zh) * | 2014-03-10 | 2017-03-29 | 上海华虹宏力半导体制造有限公司 | 一种软件许可的控制方法和装置 |
US10289814B2 (en) * | 2014-12-23 | 2019-05-14 | Intel Corporation | Licensing in the cloud |
CN111654914B (zh) * | 2015-09-08 | 2023-02-14 | 华为技术有限公司 | 用于上行数据传输的方法、网络设备和终端设备 |
CN106855921A (zh) * | 2015-12-09 | 2017-06-16 | 中国科学院声学研究所 | 基于嵌入式电视服务引擎Web运行时的应用权限管理方法 |
CN108023859B (zh) * | 2016-11-03 | 2022-04-29 | 中兴通讯股份有限公司 | License控制方法及系统 |
CN106991297B (zh) * | 2017-04-10 | 2019-01-18 | 北京深思数盾科技股份有限公司 | 软件许可的管理方法和系统及创建方法和系统 |
CN117478342A (zh) * | 2022-07-20 | 2024-01-30 | 中兴通讯股份有限公司 | 配置数据激活方法、装置、电子设备及存储介质 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006138177A2 (en) * | 2005-06-17 | 2006-12-28 | Macrovision Corporation | Software license manager employing license proofs for remote execution of software functions |
EP1287416B1 (en) * | 2000-04-07 | 2007-06-13 | Viatech Technologies Inc. | System and embedded license control mechanism for the creation and distribution of digital content files and enforcement of licensed use of the digital content files |
CN101256607A (zh) * | 2008-03-10 | 2008-09-03 | 北京深思洛克数据保护中心 | 一种对软件保护装置进行远程更新和使用控制的方法 |
CN101710377A (zh) * | 2009-10-28 | 2010-05-19 | 金蝶软件(中国)有限公司 | 实现软件许可服务的方法、装置及网络设备 |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040249760A1 (en) * | 2003-06-03 | 2004-12-09 | Bea Systems, Inc. | Self-service customer license management application using encrypted universal resource locators |
DE102004060784A1 (de) * | 2004-12-17 | 2006-07-06 | Abb Research Ltd. | Verfahren zur Lizenzvergabe und -verwaltung |
CN101046835A (zh) * | 2006-03-28 | 2007-10-03 | 中国科学院微电子研究所 | 一种基于与硬件设备绑定的数字内容保护方法 |
US20080183626A1 (en) * | 2007-01-31 | 2008-07-31 | Francisco Romero | Software license agreement management based on temporary usage |
CN101170446B (zh) * | 2007-12-03 | 2010-07-28 | 华为技术有限公司 | 一种进行许可证管理的方法、服务器、客户端和系统 |
JP2010086461A (ja) * | 2008-10-02 | 2010-04-15 | Sony Corp | ライセンス管理装置およびライセンス管理方法、ならびに、ライセンス管理システム |
JP2010267009A (ja) * | 2009-05-13 | 2010-11-25 | Canon Inc | ライセンス管理システム、ライセンス管理方法及びコンピュータプログラム |
-
2011
- 2011-08-19 CN CN201110239160.8A patent/CN102957666B/zh active Active
- 2011-10-24 EP EP11865533.1A patent/EP2746978B1/en active Active
- 2011-10-24 WO PCT/CN2011/081191 patent/WO2012155456A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1287416B1 (en) * | 2000-04-07 | 2007-06-13 | Viatech Technologies Inc. | System and embedded license control mechanism for the creation and distribution of digital content files and enforcement of licensed use of the digital content files |
WO2006138177A2 (en) * | 2005-06-17 | 2006-12-28 | Macrovision Corporation | Software license manager employing license proofs for remote execution of software functions |
CN101256607A (zh) * | 2008-03-10 | 2008-09-03 | 北京深思洛克数据保护中心 | 一种对软件保护装置进行远程更新和使用控制的方法 |
CN101710377A (zh) * | 2009-10-28 | 2010-05-19 | 金蝶软件(中国)有限公司 | 实现软件许可服务的方法、装置及网络设备 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111160822A (zh) * | 2019-11-25 | 2020-05-15 | 广东俊杰农产品有限公司 | 一种新型关务管理系统 |
Also Published As
Publication number | Publication date |
---|---|
EP2746978A1 (en) | 2014-06-25 |
CN102957666A (zh) | 2013-03-06 |
EP2746978A4 (en) | 2015-05-20 |
EP2746978B1 (en) | 2020-07-01 |
CN102957666B (zh) | 2017-02-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11651109B2 (en) | Permission management method, permission verification method, and related apparatus | |
WO2012155456A1 (zh) | 一种许可控制方法及系统 | |
CN111708991B (zh) | 服务的授权方法、装置、计算机设备和存储介质 | |
US11347876B2 (en) | Access control | |
WO2018024061A1 (zh) | 一种共享数字内容的许可证的方法、装置及系统 | |
US20230370265A1 (en) | Method, Apparatus and Device for Constructing Token for Cloud Platform Resource Access Control | |
CN103838987A (zh) | 一种基于局域网的软件许可证动态授权管理方法 | |
US9336369B2 (en) | Methods of licensing software programs and protecting them from unauthorized use | |
US9544137B1 (en) | Encrypted boot volume access in resource-on-demand environments | |
US11888980B2 (en) | Stateless service-mediated security module | |
CN111079091A (zh) | 一种软件的安全管理方法、装置、终端及服务器 | |
US9460272B2 (en) | Method and apparatus for group licensing of device features | |
RU2011131538A (ru) | Верификация приложения программного обеспечения | |
US20140157368A1 (en) | Software authentication | |
WO2020173019A1 (zh) | 访问凭证验证方法、装置、计算机设备及存储介质 | |
CN113271289A (zh) | 用于资源授权和访问的方法、系统和计算机存储介质 | |
EP3062254B1 (en) | License management for device management system | |
US9948632B2 (en) | Sharing data between sandboxed applications with certificates | |
WO2021222651A1 (en) | Methods, apparatus, and articles of manufacture to securely audit communications | |
CN110601852B (zh) | 用于语音对话平台的电子设备的鉴授权方法及系统 | |
CN112506678B (zh) | 基于认证和鉴权的rpc远程调用方法、系统以及存储介质 | |
CN103795694A (zh) | 许可控制方法及系统 | |
CN116208666B (zh) | 一种支持多源数据中心联合安全计算数据处理方法及装置 | |
US9442808B1 (en) | Session tickets for a backup and recovery system | |
CN114531486B (zh) | 一种工业互联网数据处理方法、装置、设备及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 11865533 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2011865533 Country of ref document: EP |