ABSTRACT
It is really a boon for computer users that they get some software free with the operating system. But what if this software were not free and cost a thousand dollars? This would give rise to the bug called “software piracy”, and that bug is still in the market and is the major concern of software developers. The major reasons for piracy include the high cost of software, and it is also the business of some unethical people who have chosen piracy as their job. Various software companies are inclined towards research into techniques to handle this problem of piracy. Many defense mechanisms have been devised to date, but the hobbyists or black market leaders, the so-called “software pirates”, have always found a way around them. This paper identifies flaws in the existing defense mechanisms (the static defense mechanisms) and identifies the impossibility of preventing the duplication of digital data. The paper presents a dynamic defense mechanism that makes software difficult to pirate. Furthermore, it also enables fine grained control over distributed software. In this methodology the organization cannot use the software on more computers than the number of licenses purchased, but it provides an ethical way for optimal use of that software in the network of the organization through dynamic software and license management, which morally and socially builds an environment for the prevention of software piracy.
“Borland No Nonsense License” [4] which allowed the user to treat the software as a book. The license allowed an end user to install the software on as many computers as the user needed, but limited the user to using only one copy on one machine at a time. There was no license cracking built into the software and the license was enforced strictly by the “honour system”. [7]
To tackle this problem this paper presents a diverse view of a dynamic protection scheme. In such a scheme each installed copy of the program is unique, differing from all other installed copies, to guarantee that attacks cannot be generalized successfully to other installed copies.
An additional advantage of the proposed scheme is a fine grained level of control over the distributed copies. This follows from the fact that a software provider in our scheme can enable the installation of a copy on an arbitrary number of machines or even tolerate an arbitrary level of software piracy.

2 Related work to stop software piracy:
This section provides an overview of the related work that has been done to stop software piracy and identifies its fundamental weaknesses.

2.1 Overview:
The fundamental idea to stop piracy is very simple: as in nature genetic diversity provides protection against an entire species being wiped out by a single virus or disease, so does software diversity.
Piracy prevention has drawn a lot of attention from both the software industry and the academic community. This large interest in piracy prevention is largely due to the huge financial losses attributed to software piracy, and has resulted in a plethora of technical means. These include hardware based and software based approaches.
All hardware based approaches use tokens. In these schemes it is impossible to execute the program without the presence of a hardware component like a CD, dongle, or smartcard. The link between software and token can be weak or strong. [5]
The most common software based approaches are also based on the use of a token such as a license key, license file or activation code; likewise, token and software can be weakly or strongly connected.
While software watermarking [13] and fingerprinting are not techniques that prevent copying of the software itself, they dissuade the pirate by increasing the likelihood of being caught. This is done by adding identification to each released copy. One advantage of fingerprinting is that it is more difficult for an attacker to be sure that he has removed a fingerprint than it is to be sure that a copy protection mechanism has been cracked. One disadvantage of fingerprinting is its reliance on cumbersome legal measures.
Software aging [12] is another technique that relies heavily on program updates. For this technique to work it is assumed that illegitimate users interact only with the original pirate to obtain these updates. As a result pirated software becomes decreasingly usable because it is not kept up to date. This protection mechanism is a dynamic form of protection.
Techniques like tamper-proofing [9] and obfuscation do not prevent software piracy to a great extent. Tamper-proofing, which makes it hard to modify a program, makes it harder to remove an embedded protection mechanism. Obfuscation, which makes a program more difficult to analyze, can be used to hide the location of the protection mechanism.
A combined hardware and software approach is used by the Trusted Computing Platform Alliance (TCPA). [10] Microsoft also started a comparable initiative called Palladium. [5]

2.2 Fundamental flaws in the existing piracy prevention scheme:
Furthermore, any future software protection scheme will eventually be broken because it must depend on the operation of a finite state machine. Given enough time and effort, this finite state machine can be examined and ultimately modified at will by a malicious host running the software, because the owner of the software cannot impose restrictions on the host's means to inspect the program. For example, only a few months were needed to create a key generator for the activation of Windows XP, which was one of the most complete systems, including on-line activation and links to the hardware. [6]
The disadvantage of a static protection mechanism is that once a copy is available that undoes the static copy protection or no longer carries the identification of the perpetrator, it can be distributed virtually without limit and the software provider can no longer enforce its copyright. In short, it is the static nature of existing defense mechanisms that makes them bound to fail.
Another reason why static protection techniques are so susceptible to attacks is that, while the first copy is very expensive to produce, subsequent copies are inexpensive to reproduce and distribute. This is an important facilitating condition for software piracy; hence its elimination will make software piracy less attractive. [3]
As in the world of physical objects, where each object is unique and the cost to reproduce it is nonzero, we believe that the only way to achieve useful reproduction at nonzero cost is to make each legitimate copy unique. This is most obvious for the hardware based mechanisms, as they combine the software with a unique, hard to duplicate, physical object. The software approaches also use a part that is unique for each installed copy, such as a license number, license file, activation code, decryption key or fingerprint. Software aging uses a key to identify
legal owners of a copy and TCPA identifies the host computer and operating system.
A fundamental drawback of these schemes, however, is that these unique parts are not part of the original program; instead they were added for the purpose of copyright protection. We believe that this is one of the reasons why they have proven to be relatively easily removed or circumvented.

2.3 Software distribution model:
This paper presents a software distribution model whose components are:
• Software providers: who want to maximize their profits now and in the future.
• Legitimate users: who are willing to pay for the software and want to use it without being impaired by the piracy prevention mechanism.
• Pirates: who have technical skills and the desire to circumvent the piracy prevention mechanism and want to minimize the risk of being caught.
• Illegitimate users: who have no technical skills and want to enjoy the same privileges as legitimate users without proper compensation.
We will assume that the number of pirates is limited. [5]

2.4 Electronic software distribution (ESD):
The cost of shipping some software was very high, and it also had to be paid by the customer. This pushed the customer towards piracy. In order to solve this problem a technique called ESD came into existence. ESD is also known as digital distribution or electronic software delivery. It refers to the practice of allowing users to download software products electronically (and primarily over the internet) as opposed to receiving physical media. Although not all software vendors discount the prices of electronically distributed software from the price of the physically distributed versions, such a discount is common, as electronic distribution can typically be much less costly for the vendors than its conventional counterpart.
ESD as a service can be further broken down based on straight purchase of the software (above) and try-before-you-buy (TBYB). TBYB allows the consumer to try the product for a limited time or with limited features and then, through the software interface, purchase the software from the publisher.
• ESD services are broken down into several components including Digital Rights Management (DRM), Trial Management and the transaction or E-commerce component. Each of the services can be purchased and managed as standalone components or they can be outsourced through third party companies.
• Electronic software distribution and Licensing (ESDL): ESDL is the combination of electronic software distribution and electronic software licensing. [8]

3. Distributed software and License key management:
Distributing files over a network has been considered a great achievement in the development of computer technologies. Message distribution has been the core technique behind the success and popularity gained by Distributed Systems.
A distributed system can be defined as one in which components located at networked computers communicate and coordinate their actions by passing messages. This definition of distributed systems leads to the following characteristics of distributed systems: concurrency of components, lack of a global clock and independent failures of components.
The distribution of files or information over the network faces a lot of problems in achieving better efficiency in distributed systems. Message delivery should be fast and the number of messages should be small to achieve efficiency in distributed systems. The transfer of messages should be fast, and for this UDP messages are preferred.

3.1 Methodology:
In this model an organization tries to keep the information about the specified software on a single machine (considered as the coordinator), and the complete management of the dynamic distribution of that software and its license is to be done on the same machine. The selection of the coordinator is done arbitrarily or by executing an election algorithm. If the coordinator goes down, then another machine is voluntarily elected as the coordinator to provide uninterrupted functioning for dynamic or electronic distribution of the software license. Here the software and license key management is done dynamically by the coordinator machine. The coordinator machine is responsible for keeping account of all the machines which are executing the software. In this methodology the organization cannot use the software on more computers than the number of licenses purchased, but this methodology provides an ethical way for optimal use of the software in the network of an organization. Therefore it prevents organizational piracy and supports optimal use of software in the network of an organization; for example, if there are 500 users in a network and the software is used by at most 300 users at a time, then it is better to take 300 licenses and use them with the prevention of piracy.
In this scheme a machine known as the coordinator is dedicated to dynamic software and license management. Generally the coordinator machine is the machine which executes the software first of all in the network. When this machine first of
all executes the software, it broadcasts the search message packets in the network; because there is no machine in the network working as the coordinator at that moment, no response message is transferred back. This tells that machine that no coordinator is there in the network, and the machine itself becomes the coordinator. The coordinator machine keeps a port at the transport layer reserved for listening for incoming request messages. It also has a counter which keeps a check on the number of license keys that are reserved at a particular instant of time to various users. Besides this, the coordinator machine maintains a list of active clients which are executing the software and a separate list for the waiting clients.
Subsequently, when any other machine requires the software to execute, it broadcasts the same message request packet dedicated to that specific port in the network and waits for the response. The coordinator listens for the request messages of these clients and sends them back a response message indicating the presence of the coordinator. In this process the coordinator gets the IP address of the client machines and the client machines get the IP address of the coordinator machine, and hereafter they can communicate with each other by unicasting the message packets. At this stage the client will get an inactive copy of the software, which needs a runtime license key to come into the active and working state. At this time the client sends a message packet to the coordinator demanding a dynamic license key. The coordinator keeps the status of the copies of the currently active software on the various client machines. Here two cases arise:
Case 1: If the number of machines executing the software is less than the number of licenses purchased: in this case a message packet containing the 32 bit encrypted license key is transferred back to the client. On receiving the license key electronically, the client's software application turns into the active or working state. This information is updated in the list of currently active clients available with the coordinator. It also updates the counter and decreases it by one.
Case 2: If the number of machines executing the software is greater than the number of licenses purchased: in this case, after the client has demanded the license key from the coordinator, a message is sent to the client by the coordinator which asks the client whether to wait or quit. If the client waits for the key then it is put into the waiting list. The waiting list works on the principle of FIFO. As soon as a client quits the execution of the software, the key is given to the first waiting client of the waiting list.
On the peaceful termination of the client software, a message packet is transferred to the coordinator indicating its termination, and the coordinator eliminates the specific entry from the active client list. It also updates its counter and increases it by one.

3.2 Fault Tolerance:
A common approach to provide fault tolerance in distributed systems is by replicating data at many sites. If a site is not available the data can still be obtained from copies at other sites. Commit protocols can be employed to update multiple copies of the data. In commit protocols, when a site is unreachable the coordinator sends messages repeatedly and eventually may decide to abort the transaction, thereby denying access to data. However, it is desirable that the sites continue to operate even when other sites have crashed. Another well known technique used to manage replicated data is the voting mechanism. With the voting mechanism each replica is assigned some number of votes, and the majority of votes must be collected by a process before it can access a replica. The voting mechanism [14] is more fault tolerant than a commit protocol because it allows access to data under network partitions, site failures and message losses without compromising the integrity of data. One of the voting mechanism algorithms is Maekawa’s voting algorithm.
If the coordinator goes down it may create severe problems. We consider a very general model of coordinator failures. A coordinator may fail in three modes: crash fault, omission fault, malicious fault. In a crash fault, the coordinator stops functioning and never resumes operation. In an omission fault the coordinator omits to send messages to some sites. For example, a processor is supposed to broadcast the message to all other processors, but it sends the message to only a few processors. In a malicious fault the coordinator behaves randomly and arbitrarily.
In case the client goes down, a problem can arise. To counteract the problem the coordinator periodically sends the ‘isalive’ query message to the clients that are registered in the active client list. The coordinator also sends the copy of active users to these clients along with the query message in order to recover from a crash of the coordinator. In case of abnormal shutdown or abnormal termination of the active software, the client would not respond back to the coordinator. The coordinator checks this scenario once again for confirmation. When the coordinator has confirmed the abnormal termination of the machine or software, it explicitly removes the specific entry from the current active list and decreases the counter value by one. By doing so the coordinator always remains updated about the current active sessions of the software executing on the network. Along with these functions the coordinator periodically sends its own copy of the current active list to the client machines also.
If in case the coordinator crashes, the client will eventually get an idea of it. For this to happen client
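The coordinator's bookkeeping from 3.1 and 3.2 (Case 1, Case 2, the FIFO waiting list, and the 'isalive' check with its confirmation), written out as an added example; it is not code from the paper. The class and method names, the two-miss removal threshold and the 192.0.2.x addresses are assumptions, and the counter is taken to be the number of keys currently issued.

```python
from collections import deque

class Coordinator:
    # Assumption: the counter is the number of keys currently issued,
    # len(self.active); it never exceeds the licenses purchased.
    MISSES_BEFORE_REMOVAL = 2  # first miss plus the confirmation check (assumed)

    def __init__(self, licenses_purchased, active=()):
        self.limit = licenses_purchased
        self.active = {ip: 0 for ip in active}  # IP -> missed 'isalive' replies
        self.waiting = deque()                  # FIFO waiting list

    def request_key(self, ip, wait=True):
        """Case 1: grant while seats remain. Case 2: wait or quit."""
        if ip in self.active:
            return "GRANTED"  # a resent request uses no extra seat
        if len(self.active) < self.limit:
            self.active[ip] = 0
            return "GRANTED"
        if not wait:
            return "QUIT"
        if ip not in self.waiting:
            self.waiting.append(ip)
        return "WAIT"

    def _promote(self):
        """Give a free seat to the first waiting client, if any."""
        if self.waiting and len(self.active) < self.limit:
            ip = self.waiting.popleft()
            self.active[ip] = 0
            return ip
        return None

    def release(self, ip):
        """Peaceful termination: drop the entry, then serve the queue."""
        if self.active.pop(ip, None) is None:
            return None  # sender holds no key, so nothing is freed
        return self._promote()

    def isalive_round(self, responders):
        """One 'isalive' sweep; returns clients promoted from the queue.
        Promotion into a reclaimed seat is an assumption of this example."""
        promoted = []
        for ip in list(self.active):
            if ip in responders:
                self.active[ip] = 0
                continue
            self.active[ip] += 1
            if self.active[ip] >= self.MISSES_BEFORE_REMOVAL:
                del self.active[ip]
                nxt = self._promote()
                if nxt:
                    promoted.append(nxt)
        return promoted

    def snapshot(self):
        """Copy of the active list sent along with each 'isalive'."""
        return sorted(self.active)

def demo():
    # Constructed scenario: 2 licenses, 4 clients (documentation addresses).
    a, b, c, d = ("192.0.2.%d" % n for n in (1, 2, 3, 4))
    co = Coordinator(licenses_purchased=2)
    log = [co.request_key(a), co.request_key(b), co.request_key(c),
           co.request_key(d, wait=False)]
    log.append(co.release(a))          # c, first in the queue, gets the seat
    log.append(co.isalive_round({c}))  # b misses once: kept
    log.append(co.isalive_round({c}))  # b misses again: removed
    # A newly elected coordinator rebuilds its state from a client's copy.
    successor = Coordinator(2, active=co.snapshot())
    log.append(successor.request_key(d))
    log.append(successor.request_key(a))
    return log, successor.snapshot()
```

Only the active list travels with the 'isalive' message, so the successor in `demo()` starts with an empty waiting list and waiting clients have to ask again.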
In this way a client machine is elected and made the coordinator machine. It will have the list of all the client machines which was sent to it by the previous coordinator. Now a message is transmitted by the new coordinator to all currently active clients so that they know the IP address of the new coordinator. In this scheme the software and license management is done dynamically by the new coordinator.
There may be the case when two client machines declare themselves the coordinator at the same time. In such cases agreement protocols can be used and, according to the consensus, only one machine is declared coordinator.
2) Now machine B (client B) requires the software to execute, so it broadcasts a request message at port X of machine A and waits.
a) Machine A (coordinator) listens and replies.
b) Machine A and B communicate through unicast messages, as they now know each other’s IP address.
c) Machine B demands a license key.
d) Coordinator (machine A) checks the number of machines executing the software; let it be stored in the variable ‘count’.
If count < number of licenses purchased
Coordinator updates the count as count--
Else machine B is asked to wait or quit.
3) If machine B wants to terminate, it sends a connection termination request to the coordinator.
a) Coordinator deletes the entry of this machine from the list of the active users.
b) Coordinator updates count as count++.
c) The first machine waiting in the waiting queue is given the license key, and the coordinator updates the list and the count variable.

3.4 Solutions to Various forms of piracy:
There are multiple forms of piracy which are a cause of concern for software developers. In this section we will come across how this paper stands before all forms of piracy and makes them viable.
a) Cracks and Serials:
Cracks and serials are forms of software piracy that consist of legally obtaining an evaluation version and subsequently entering a copied license code or applying a generic patch that undoes the copy protection. This is a widespread form of piracy. It is so popular because a smaller amount of information needs to be exchanged to illegally distribute and obtain a license code or a patch than a complete program. The proposed scheme gives a dynamic solution to the problem of piracy, as the key is provided at run time.
b) Soft lifting and hard disk loading:
The term soft lifting refers to the act of piracy where one copy is legally obtained and installed on more computers than allowed.
Hard disk loading is the unauthorised installation of copies of software onto the hard disks of personal computers, often as an incentive for the end user to buy the hardware.
Both forms consist of installing the software on more computers than allowed by the license. In these cases, we can expect exchange of updates between the legitimate user of the copy and the illegitimate user of the same copy. We assume that the software provider cannot easily become aware of these forms of piracy because of the limited size of the communities sharing the copy.
The scheme prevents piracy by issuing fewer licenses than the number of computers on the network, while checking that license keys are given at run time only to as many machines as the number of licenses purchased.
c) Internet piracy and software counterfeiting:
Internet piracy is the act of making unauthorised copies of copyrighted software available to others electronically. Software counterfeiting is the illegal duplication and distribution of copyrighted software in a form designed to make it appear legitimate.
Both forms consist of installing a piece of software on more computers than allowed. The scale is typically larger than that of the forms discussed in the previous paragraph. We assume that there cannot be a continuing interaction between the pirate and illegitimate users, as the exposure of the pirate and thus the risk of legal action against him would be too high.
This scheme provides a way to use the same number of license keys as purchased by an organization.
In practice, the majority of versions printed this way have the same origin. For example, most of the pirated versions of Windows XP were tied to a few volume license product keys. Given the large scale, the software provider probably can become aware of piracy, for example by searching the internet for illegally distributed copies. Alternatively, as these illegitimate versions need to be kept sound and up to date and there cannot be a continuing interaction with the original pirate, there are many requests for the same instance. This would also arouse the suspicion of the software provider. If an instance is considered to be corrupted, the software provides updates for these instances, thereby impairing the illegitimate user.

4 Feasibility Study:
This section is devoted to the feasibility check for the scheme. The feasibility study is done under five categories, TELOS: Technical feasibility, Economical feasibility, Legal feasibility, Operational feasibility, Social feasibility.

4.1 Technical Feasibility:
The scheme is completely technically feasible because the technique used is based on distributed systems and electronic distribution of software. The electronic distribution of software and dynamically
providing the license key at the run time provides a way to stop piracy. Till date only static protection measures against piracy were common, which were not of great use, so this scheme is the advanced version of technology.
The scheme also prevents the piracy and thus cuts down the cost on both sides: the software developer side and the customer side.
Now there arises a question: why will a software developer provide fewer licenses to an organisation which is implementing this concept for optimal use of software? The answer to this question lies in the fact that piracy is more costly than this act of providing fewer licenses to the organisation.
“Run Time License Key” means a file that is required for the distribution of the licensee’s work that encloses the software.
“Personal License” means a license is the individual specified in development and runtime license key.
The scheme provides following license restriction.
You may NOT
• Modify, adapt, alter, translate, decompile, reverse engineer, and disassemble the software.
• Remove any proprietary notices or labels on the software.
• Make more copies of the software than the number of obtained license.
evaluation period.
Development and runtime license restriction: in addition to the general restrictions you may NOT
• Use the software on the number of computers exceeding the number of license purchased.
• Use development license key for redistributing your applications.

4.5 Social Feasibility:
The most important aspect that the scheme covers is its social importance. The scheme provides a way to stop piracy in society and will also be helpful in inculcating moral values in society. Software piracy starts at the individual level and then moves on to the family level, the society level and last to all other levels.
According to the Global Report on Software Piracy: “the unauthorized copying of personal computer software for use in office or at home or “sharing” of software among friends and co-workers is the most pervasive form of piracy encountered and is