Application Licensing Using Mobile Agents - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

Application Licensing Using Mobile Agents

Description:

Available to the User, via printed or electronic media. Stored in ... Holographic signatures. Prototype using Aglets. CSE_at_UTA. Questions? kamangar_at_cse.uta.edu ... – PowerPoint PPT presentation

Number of Views:82
Avg rating:3.0/5.0
Slides: 20
Provided by: nic1105
Category:

less

Transcript and Presenter's Notes

Title: Application Licensing Using Mobile Agents


1
Application Licensing Using Mobile Agents
  • Dr. Farhad A. Kamangar
  • Nikhil M. Chakravarthy

2
Outline
  • Software Licensing
  • Problem Statement
  • Proposed Solution
  • Summery
  • Future Work

3
Software Licensing
  • Motivation.
  • Revenue.
  • U.S. Census bureau data in 2001.
  • Revenue totaled 95.4 billion in 1999.
  • Software information industry association
    (SIIA).
  • Losses due to piracy at about 12 billion.
  • Who is using it?
  • Bin Laden used PGP?

4
Software Licensing
  • License key.
  • Available to the User, via printed or electronic
    media.
  • Stored in software.
  • Verification algorithm verifies the key.

5
Problem Statement
  • License key is available to the user before
    installation.
  • Leads to repeatable installation.
  • Can analyze key to derive verification algorithm.
  • Can analyze code to find stored key.

6
Current Scenario
7
Proposed Solution
  • Design a licensing protocol which does not
    disclose the license key to the user.

8
Proposed Scenario
9
Protocol
10
Software Fragmentation
  • Two piece jig saw
  • One part on server (encrypted by key K)
  • One part installed
  • Watermarked
  • Tamper proofed
  • Obfuscated

11
Machine Signature
  • Parameters
  • Hardware
  • Network card Mac address
  • Hard drive
  • Memory
  • Video card
  • Software
  • Operating system
  • Domain name / IP
  • File stamps

12
Deriving the Key
  • Generate machine signature (ms)
  • Collect user information (ui)
  • Send the two to the server. I (msui)
  • Select generator (G) and verifier (V) pair
  • Key is generated by G. K g(i)
  • Verified by V. V(K) T

13
Patching
  • Send Mobile Agent. MG, ui, V
  • Generate machine signature (ms)
  • Reconstruct the key. K G(uims)
  • Decrypt the fragment
  • Complete the jig saw
  • Reply / Return (Optional)

14
Sequence
Get Fingerprint
15
Summery
  • User does not have access to the key.
  • Mobile Agent delivers the license key.
  • Software is fragmented and delivered in two
    steps.
  • Machine signature is generated.

16
Future Work
  • Machine Signature
  • Loosely / Tightly Coupled
  • Holographic signatures
  • Prototype using Aglets

17
Questions?
  • kamangar_at_cse.uta.edu
  • chakrava_at_cse.uta.edu

18
References
  • Collberg, C.S., Thomborson, C., Watermarking,
    tamper-proofing, and obfuscation - tools for
    software protection'', Software Engineering,
    IEEE Transactions on , Volume 28 Issue 8 , Aug
    2002 Page(s) 735 746
  • James W. Stamos and David K. Gifford, Remote
    Evaluation'', ACM Transactions on Programming
    Languages and Systems, 12(4) 537--565, October
    1990.
  • Giovanni Vigna (Ed.), Mobile Agents and
    Security'', Lecture notes in computer science,
    Vol 1419, Springer, 1998, ISBN 3-540-64792-9.

19
References
  • D. B. Lange, M. Oshima, Programming and
    Deploying Java Mobile Agents with Aglets'',
    Addison-Wesley, 1998.
  • Bruce Schneier, Applied Cryptography
    Protocols, Algorithms, and Source Code in C 2nd
    Edition'', Publishers John Wiley Sons, Inc.
    ISBN 0-471-12845-7.
Write a Comment
User Comments (0)
About PowerShow.com