Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
2Activity
0 of .
Results for:
No results containing your search query
P. 1
DISTRIBUTED SOFTWARE AND LICENSE KEY MANAGEMENT “AN INITIATATIVE TO STOP SOFTWARE PIRACY_404

DISTRIBUTED SOFTWARE AND LICENSE KEY MANAGEMENT “AN INITIATATIVE TO STOP SOFTWARE PIRACY_404

Ratings: (0)|Views: 191|Likes:
Ubiquitous Computing and Communication Journal (ISSN 1992-8424), is an international scientific journal dedicated to advancing the information and communication technology. With a world-wide membership, UBICC is a leading resource for computing professionals and students working in the disciplines of information technology and the impact on society. In particular UBICC journal provides global perspective on new developments in ubiquitous and pervasive computing technologies. The journal is committed to provide platform to present discuss and exchange experimental or theoretical results, trend-setting ideas in the emerging field of ubiquitous computing and related disciplines. UBICC publishes peer-reviewed, interesting, timely and accessible contributions from researchers from all over the globe. The Journal is an essential resource for researchers and educators who wish to understand the implications of ubiquitous computing. In addition to regular publication UBICC also participate in international conferences on related subject and publishes the selected papers with the special issue.
Ubiquitous Computing and Communication Journal (ISSN 1992-8424), is an international scientific journal dedicated to advancing the information and communication technology. With a world-wide membership, UBICC is a leading resource for computing professionals and students working in the disciplines of information technology and the impact on society. In particular UBICC journal provides global perspective on new developments in ubiquitous and pervasive computing technologies. The journal is committed to provide platform to present discuss and exchange experimental or theoretical results, trend-setting ideas in the emerging field of ubiquitous computing and related disciplines. UBICC publishes peer-reviewed, interesting, timely and accessible contributions from researchers from all over the globe. The Journal is an essential resource for researchers and educators who wish to understand the implications of ubiquitous computing. In addition to regular publication UBICC also participate in international conferences on related subject and publishes the selected papers with the special issue.

More info:

Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/12/2014

pdf

text

original

 
DISTRIBUTED SOFTWARE AND LICENSE KEY MANAGEMENT“AN INITIATIVE TO STOP SOFTWARE PIRACY”
 
Vineet Sharma
1
, Dr. S.A.M.Rizvi
2
, Dr. S. Zeeshan Hussain
3
 
1
Krishna Institute of Engineering & Technology, Ghaziabad, India
2,3
Jamia Millia IslamiaCentral University, New DelhiVineet_sharma@kiet.edu
ABSTRACT
It is really a boon for computer users that they get some software free with the operatingsystem. But what if this software was not given free and would have cost thousand dollars.This would have given rise to the bug called “software piracy” but not to worry the bug isstill in the market and is the major concern of software developers. The major reasons of piracy include the high cost of software and it is also the business of some unethical peoplewho have chosen piracy as their jobs. Various software companies are inclined towards theresearch of techniques to handle this problem of piracy. Many defense mechanisms havebeen devised till date but the hobbyists or the black market leaders so called “softwarepirates” have always found a way out of it. This paper identifies flaws in the existingdefense mechanisms – the static defense mechanisms and identifies the impossibility toprevent the duplication of digital data. The paper presents a dynamic defense mechanismand makes it difficult to pirate. Furthermore it also enables a fine grained control overdistributed software. In this methodology the organization can not use the software on thenumber of computers, exceeding the number of license purchased but it provides an ethicalway for optimal uses of that software in the network of the organization by dynamicsoftware and license management which morally and socially build an environment for theprevention of software piracy.
Keywords
-
End User License Agreements (EULAs), Electronic software distribution(ESD), Electronic software distribution and Licensing (ESDL), Distributed software andLicense key management, Byzantine agreement protocol, Election Algorithms
1. INTRODUCTION
Among the various approaches that have beenexplored recently to counteract the problem of software piracy, some are of legal, ethical andtechnical means.Legal means are based on the fear of consequencesof violating piracy law. But while most softwarepiracy cases legal means are available, prosecutionon a case by case basis is economically unviable.Furthermore, it is conceived as bad publicity and cantake a long time.Ethical measures relate to making software piracymorally unappealing. While the intentions arelaudable, it takes even more time to change the moralstandards of a larger group of people. [5]The technical means include the static measures of defense which incorporates in itself the protectionmechanism that is built into the distributed database.Once the system is broken then the static protectiontechniques are not satisfactory at all.It is a matter of history that with the introduction of IBM PC in the early 1980’s a revolution began.Some famous software applications like “wordstar”,”lotus123”,”dBase” were used with IBM PC.Hardware was relatively more expensive thansoftware, and often inclusions of the latest version of these software packages with new system were verycommon and routinely expected. Upgrades to thesoftware packages were available usually directlyfrom the developers, or as often was the case throughresellers, but always incurred additional fees.Tragically, this also led to underground trade onthese applications. Ironically, the more popular theapplication was, the greater its appeal in the so called“black market” and its traders, the “software pirates”.[1, 4]The concept of “software license was developed bythe software industry since its early inspection. Mostlicenses were limited to operating systems anddevelopment tools. Enforcement of licenses wasrelatively trivial and painless. Any software customerhad certain rights and expectations from the softwareand developer. Some software was licensed only toone user or one machine, while some software mayhave been licensed to a site specifying the maximumnumber of machines or concurrent instances of theprogram in execution (processes). These are alsoknown as “End User License Agreements” (EULAs).The terms of each EULA may vary but the generalpurpose is the same – establish the terms of contractbetween software developer and user of softwareproduct. [4]Borland licensed is TURBO PASCAL and othersoftware categories under what was referred as the
UbiCC Journal - Volume 5www.ubicc.org1
770
 
“Borland No Nonsense License” [4] which allowedthe user to treat the software as the book. The licenseallowed an end user to install the software in as manycomputer machines the user needed, but limited theuser to using only one copy in one machine at a time.There was no license cracking built into the softwareand the license was enforced strictly by “honoursystem”. [7]To tackle this problem this paper presents a diverseview of dynamic protection scheme. In such schemeeach installed copy of program is unique whichactually differs from all other installed copies toguarantee that the attacks cannot be generalizedsuccessfully to other installed copies.An additional advantage of the proposed scheme is afine grained level of control over the distributedcopies. This follows from the fact that a softwareprovider in our scheme can enable the installation of a copy on an arbitrary number of machines or eventolerate an arbitrary level of software piracy.
2 Related work to stop software piracy:
 This section provides an overview of the relatedwork that has been done to stop software privacy andidentifies their fundamental weaknesses.
2.1 Overview:
The fundamental idea to stop piracy is very simple asin nature the genetic diversity provides protectionagainst an entire species being wiped out by a singlevirus or disease so is the software diversity.Piracy prevention has drawn a lot of attention fromboth the software industry and the academiccommunity. This large interest in piracy preventionis largely due to the huge financial loses attributed tosoftware piracy, and has resulted in a plethora of technical means. These include hardware based andsoftware based approaches.All hardware based approaches use tokens. In theseschemes it is impossible to execute the programwithout the presence of a hardware component likeCD, Dongle, and smartcard. The link betweensoftware and token can be weak or strong. [5]The most common software based approaches arealso based on the use of the token such as licensekey, license file or an activation code likewise tokenand software can be weakly or strongly connected.While software watermarking [13] and fingerprintingare not the techniques that prevent copying of software itself, they dissuade the pirate by increasingthe likelihood of being caught. This is done byadding identification to released copy. Oneadvantage of finger printing is that it is more difficultfor attacker to be sure that he has removed afingerprint, and then it is to be sure that a copyprotection mechanism has been cracked. Onedisadvantage of fingerprinting is its reliance oncumbersome legal measures.Software aging [12] is another technique that reliesheavily on program updates. For this technique towork it is assumed that illegitimate users interactonly with the original pirate to obtain these updates.As result pirated software becomes decreasinglyusable because it is not kept up to date. Thisprotection mechanism is dynamic form of protection.Techniques like tamper- proofing [9] and obfuscationdo not prevent software piracy to a great extent.Temper proofing which makes it hard to modify aprogram makes it harder to remove embeddedprotection mechanism. Obfuscation, which makes aprogram more difficult to analyze, can be used tohide the location of the protection mechanism.A combined hardware software approach is used bytrusted computing platform alliance (TCPA), [10]Microsoft also started a comparable initiative calledPalladium. [5]
2.2 Fundamental flaws in the existing piracyprevention scheme:
Furthermore, any future software protection schemewill eventually be broken because it must depend onthe operation of a finite state machine. Given enoughtime and effort, this finite state machine can beexamined and ultimately modified at will by amalicious host running the software, because theowner of the software cannot impose restrictions onthe host means to inspect the program. For example,only a few months were needed to create a keygenerator for the activation of Windows XP, whichwas one of the most complete systems, including on–line activation and links to the hardware. [6]The disadvantage of static protection mechanism isthat once a copy is available that undoes the staticcopy protection or no longer carries the identificationof the perpetrator, it can be distributed virtuallyunlimited and the software provider can no longerenforce its copyright. In short it is the static nature of existing defense mechanisms that makes them boundto fail.Another reason why static protection techniques areso susceptible to attacks is that, while the first copyis very expensive to produce, subsequent copies areinexpensive to reproduce and distribute. This is animportant facilitating condition for software privacy;hence its elimination will make software privacy lessattractive. [3]As in the world of physical objects where each objectis unique and cost to reproduce it is nonzero , webelieve that the only way to achieve usefulreproduction at nonzero cost is to make eachlegitimate copy unique. This is most obvious for thehardware based mechanism as they combine thesoftware with a unique hard to duplicate, physicalobject. The software approaches also use a part thatis unique for each install copy such as licensenumber, license file, activation code, decryption keyor fingerprint. Software aging uses a key to identify
Special Issue of Ubiquitous Computing Security Systems
UbiCC Journal - Volume 5www.ubicc.org
1771
 
legal owners of a copy and TCPA identifies the hostcomputer and operating system.A fundamental drawback of these schemes howeveris that these unique parts are not part of originalprogram instead they were added for the purpose of copyright protection. We believe that this is one of the reasons why they have been proven to berelatively easily removed or circumvented.
2.3 Software distribution model:
This paper presents a software distribution modelwhose components are:
 
Software providers: who want to maximizetheir profits now and in the future.
 
Legitimate users: who are willing to pay for thesoftware and want to use it without beingimpaired by the piracy prevention mechanism.
 
Pirates: who have technical skills and the desireto circumvent the piracy prevention mechanismand want to minimize the risk of being caught.
 
Illegitimate users: who have no technical skillsand want to enjoy the same privileges aslegitimate users without proper compensation.We will assume that number of pirates islimited. [5]
2.4 Electronic software distribution (ESD):
The cost of shipping of some software was very highwhich was also to be paid by the customer. Thisinspired the customer towards piracy. In order tosolve this problem a technique called ESD came intoexistence ESD is also known as digital distribution orelectronic software delivery. It refers to the practiceof allowing users to download software productselectronically (and primarily over the internet) asopposed to receiving physical media. Although notall software vendors discount the prices of electronically distributed software from the price of the physically distributed versions, such a discount iscommon, as electronic distribution can typically bemuch less costly for the vendors than itsconventional counterpart.ESD as a service can be further broken down basedon straight purchase of the software (above) and try –before – you – buy (TBYB), TBYB allows theconsumer to try the product for limited time or withlimited features and then, through the softwareinterface, purchase the software from the publisher.
 
ESD services are broken down into severalcomponents including Digital RightsManagements (DRM), Trial Management and thetransaction or E-commerce component. Each of the services can be purchased and managed asstandalone components or they can be outsourcedthrough third party companies.
 
Electronic software distribution andLicensing (ESDL): ESDL is the combination of electronic software distribution and electronicsoftware licensing. [8]
3. Distributed software and License keymanagement:
Distributing files over network has been considered agreat achievement in the development of computertechnologies. Message distribution has been the coretechnique behind the success and popularity gainedby Distributed Systems.A distributed system can be defined as the one inwhich components located at networked computerscommunicate and coordinate their actions by passingmessages. This definition of distributed systemsleads to the following characteristics of distributedsystems as-concurrency of components, lack of global clock and independent failures of components.The distribution of files or information over thenetwork faces a lot of problems to achieve betterefficiency in distributed systems. The messagedelivery should be fast and number of messagesshould be less to achieve efficiency in distributedsystems. The transfer of message should be fast andfor this UDP messages are preferred.
3.1 Methodology:
In this model an organization tries to keep theinformation about the specified software on a singlemachine (considered as coordinator) and thecomplete management of the dynamic distribution of that software and its license is to be done on thesame machine. The selection of the coordinator isdone arbitrary or by executing the electionalgorithms. If in any case the coordinator goes downthan any other machine is voluntary elected as thecoordinator to provide uninterrupted functioning fordynamic or electronic distribution of the softwarelicense. Here the software and license keymanagement is done dynamically by the coordinatormachine. The coordinator machine is responsible tomake an account for all those machines which areexecuting the software. In this methodology theorganization cannot use the software on the numberof computers, exceeding the number of licensepurchased but this methodology provides an ethicalway for optimal uses of the software in the network of an organization. Therefore it preventsorganizational piracy and supports optimal use of software in the network of an organization, forexample if there are 500 users in a network andsoftware is used by at most 300 users at a time then itis better to take 300 licenses and use it with theprevention of piracy.In this scheme a machine known ascoordinator is dedicated for dynamic software andlicense management. Generally the coordinatormachine is that machine which executes the softwarefirst of all in the network. When this machine first of 
Special Issue of Ubiquitous Computing Security Systems
UbiCC Journal - Volume 5www.ubicc.org
1772

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->