as) United States
`a2) Patent Application Publication 10) Pub. No.: US 2008/0320607 Al
`
`(43) Pub. Date: Dec. 25, 2008
`Richardson
`
`US 20080320607A1
`
`(54) SYSTEM AND METHOD FOR AUDITING
`SOFTWARE USAGE
`
`(75)
`
`Inventor:
`
`Ric B. Richardson,Irvine, CA
`(US)
`
`Correspondence Address:
`CONNOLLY BOVE LODGE & HUTZ LLP
`P.O. BOX 2207
`WILMINGTON,DE 19899 (US)
`
`(73) Assignee:
`
`UNILOC USA,Irvine, CA (US)
`
`(21) Appl. No.:
`
`12/140,917
`
`(22)
`
`Filed:
`
`Jun. 17, 2008
`
`Related U.S. Application Data
`
`(60) Provisional application No. 60/945,359, filed on Jun.
`21, 2007.
`
`Publication Classification
`
`(51)
`
`Int. Cl.
`GO6F 21/22
`
`(2006.01)
`
`(52) US. CMe cccseccsssssssssssssesseesssesssessssssssssnnneseeseees 726/33
`
`(57)
`
`ABSTRACT
`
`Systems and methods are provided for auditing and selec-
`tively restricting software usage based on, for example, soft-
`ware copy counts or execution counts. In one embodiment,
`the method comprises verifying whetherthe serial numberfor
`asoftware installed on a computing device correspondsto one
`of recognized serial numbers, and calculating a copy count
`(or software execution count) for the serial number.
`In
`responseto the copy count exceeding a defined upperlimit, a
`limited unlock key may be sent to the device. The limited
`unlock key may allow the software to be executed on the
`device for a defined time period, a defined numberof execu-
`tions, and/or with at least one feature ofthe software disabled.
`
`PUTT ett eee eee mem nnn erme 7
`
`
`ane
`
`
`
`43
`Ask userfor product
`serial number
`
`45
`
`fingerprint (unique ID)
`
`48
`
`47
`
`No
`
`Requestfor unlock
`code received by
`Authorization Authority|
`
`64
`
`
`62
`
` Is Serial
`
`Number
`legitimate and
`
`exists?
`
`Yes
`
`Yes
`
`Yes
`
`63
`
` Is
`copy count
`
`between 1-
`
`>
`:
`is
`
`
`coycount
`
`
`
`No
`
`copy count 30
`
`or greater?
`
`
`APPLE EXHIBIT 1104
`Page | of 10
`
`'
`:
`eo
`
`40
`
`
`
`Start
`Software
`
`49
`
`Exit
`Application
`
`Inform user of
`successful
`authorization
`
`51
`
`50
`
`Allow
`Application
`torun
`
`i
`
`i
`
`i
`:
`
`t '
`
`i'
`
`' :t't
`
`
`is unlock
`
`key present
`Get hardware
`and current?.
`
`Serial Number and
`Yes
`
`unique ID sent to
`
`Authorization Authority
`
`
`
`Compare
`key to host
`hardware
`
`No
`Pass
`Inform user that
`their request
`hasfailed
`
`
` with 60 days
`
`
`
`Send key
`
`use
`
`Send key
`with 90 days
`use
`
`
`
`Store
`unlock key
`
`r~ 6a
`
`ro 6s
`
`——_ 68
`
`Send key
`
`use
`
`
`
`APPLE EXHIBIT 1104
`Page 1 of 10
`
`

`

`Patent Application Publication
`
`Dec. 25, 2008 Sheet 1 of 2
`
`US 2008/0320607 A1
`
`Adoos|
`
`
`
`40}WU]JUNC
`
`asus]
`
`éEpepesoxe
`
`Le
`
`yooiunJosanbey
`
`
`
`Aqpeaisoasspoo
`
`
`
`Aounyuoyeanoy
`
`[BasSs}
`
`JOquINN
`
`pueayeuui69}
`
`Esisixe
`
`
`
`
`
`(qjanbiun)yuudieBuy
`
`
`
`pueJequinnjeHEeS
`
`0}Juesq]enbiun
`
`
`
`Auounyuoweanoy
`
`
`
`yeuyJesnWUOjU}
`
`
`
`ysonbelHey}
`
`polessey
`
`yonpoidJoJesnysvy
`
`
`
`Joquunujeuas
`
`BIEMpPsJeYJe)
`
`wa
`
`uoyeoyddy
`
`Jasnsy
`
`-210}
`
`Szuouyne
`
`aredwo9
`
`ysoy0}Aay
`
`asempseu
`
`ssed
`
`OL
`
`HEIS
`
`aleMyos
`
`yooyuns]
`
`quasaidAoy
`
`~PaJO}S10
`
`L
`
`Sa,
`
`(uy10d)|eunbi
`
`Aayyoojun
`
`peyeisueb
`
`Adyyoojun
`
`a10}S
`
`JoJesnWOU]
`
`inyssesons
`
`uoHeA}oe
`
`MOY
`
`uojeojddy
`
`und0}
`
`SL
`
`APPLE EXHIBIT 1104
`Page 2 of 10
`
`APPLE EXHIBIT 1104
`Page 2 of 10
`
`
`
`
`
`
`
`
`
`
`

`

`Patent Application Publication
`
`Dec. 25, 2008 Sheet 2 of 2
`
`US 2008/0320607 A1
`
`
`
`egéS]SIXS
`
`SSR
`
`cg
`
`fellasS|
`
`JequInNN
`
`puesyeiuiyi6e]
`
`L9
`
`yoojunsoyjsanbay
`
`
`
`Aqpeajenalapoo
`
`
`
`Aounyuojezuouny
`
`SI
`
`yunosAdoo
`
`-|usemjeq
`
`évb
`
`yunooAdao
`
`-G}usemjaq
`
`ON
`
`é6¢
`
`Keypues
`
`pe}LuyUNUM
`
`asn
`
`Avypuasg
`
`SAep06WIM
`
`asn
`
`49
`
`éfayeaiB10
`
`OequnosAdoo
`S|Sep
`
`keypuss
`
`shepoguM
`
`esn
`
`89
`
`
`
`SPyJonpoudJo}Jesnys
`
`
`
`Joquinujeues
`
`epaieMyos
`
`HES
`
`
`
`(q]enbiun)yuuduaBuy
`
`auempleyyep
`
`
`
`pueJequinyjeues
`
`o}Jussq]enbiun
`
`
`
`Aoujnyuopezuouny
`
`
`
`yeu]JasnWout
`
`
`
`ysenbalseuy
`
`pejleysey
`
`Aeyyoojun
`
`8101S
`
`es
`
`Jasnys
`
`810}
`
`Szuoyne
`
`aueduioy
`
`ysoy0}Aoy
`
`SJeAMpJEY
`
`wg
`
`uoyeoyddy
`
`JoJasnwoul
`
`jnysseoons
`
`uoyezuoujne
`
`MOY
`
`uoyeajddy
`
`uns0}
`
`yoojuns}
`
`queseidAay
`
`éjuaunopue
`
`APPLE EXHIBIT 1104
`Page 3 of 10
`
`APPLE EXHIBIT 1104
`Page 3 of 10
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`

`

`US 2008/0320607 Al
`
`Dec. 25, 2008
`
`SYSTEM AND METHOD FOR AUDITING
`SOFTWARE USAGE
`
`CROSS-REFERENCE TO RELATED
`
`APPLICATION(S)
`
`[0001] This application claimspriority pursuant to 35 U.S.
`C. §119(e) to U.S. Provisional Application No. 60/945,359,
`filed Jun. 21, 2007, which application is specifically incorpo-
`rated herein, in its entirety, by reference.
`
`BACKGROUND OF THE INVENTION
`
`1. Field of the Invention
`[0002]
`[0003] The present inventionis directed toward systemsfor
`auditing andrestricting software usage, and related methods.
`[0004]
`2. Description of the Related Art
`[0005] Many systemsfor the protection of software prod-
`ucts against piracy and abuse of copyright exist today. Popu-
`lar approachesdescribed in U.S. Pat. No. 5,490,216 and U.S.
`Pat. No. 6,243,468 link the license of the user of the software
`to a specific hardware platform by devising a uniqueidentifier
`from the measurable characteristics, settings and identifiers
`already present within the computing hardware and its
`attached peripherals. With the above described method, the
`protected software communicates with an authorization
`authority, usually an Internet based online server, controlled
`by the software publisher. This communication is needed to
`ensure that the licensed party does not exceed the usagerights
`of the license that has been granted by the publisher.
`[0006] The systems used in the art keep a record of how
`many devices have been authorized to run against each
`license, and when a certain predefined limit has been
`exceeded, the authorization server denies the software users
`request to run additional copies of the software on additional
`devices. For example, a publisher might allow five copies to
`be made and usedoftheir copyrighted software for each user
`license sold. Thefirst five requests made to the authorization
`authority may be allowed howeverthe sixth and subsequent
`requests would be denied. Possibly the licensee would be
`encouraged to acquire an additionallicense.
`[0007] This system has drawncriticism from software buy-
`ers since many users expect to be able to use software they
`have purchased on as many devices as they want as long as
`they own and use the devices. Additionally software buyers
`are changing, upgrading and replacing their computing
`devices on a moreregular basis as people use computers more
`and more. This in turn requires additional flexibility on the
`part of the authorization authority to compensate for reason-
`able fluctuations in the usage circumstances of users pro-
`tected under laws such as the Fair Use Act.
`
`Software buyers may be dissatisfied with current
`[0008]
`authorization systems due to their inability to determine the
`difference between legitimate users, that may reasonably
`require a large numberof copies of software for use on their
`own computing devices, and illegal copies made by pirates
`and or others who willfully abuse license terms by making
`indiscriminate copiesfor other users such as sharing over peer
`to peer software distribution networks.
`[0009] Accordingly, it would be desirable to provide the
`ability to monitor and measurethe usage oftheir software and
`
`to allow/disallow the running of licensed software over the
`complete life and usage of the software product.
`
`SUMMARY OF THE INVENTION
`
`In accordance with one aspect of the embodiments
`[0010]
`described herein, there is provided a method for auditing
`software usage, comprising: (a) receiving a serial numberfor
`a software installed on a computing device and a device
`identifier for the device; (b) determining whetherthe received
`serial number corresponds to one of recognized serial num-
`bers; (c) in response to determination that the received serial
`numbercorrespondsto one of the recognized serial numbers,
`calculating a copy count(or software execution count) for the
`received serial number; (d) in response to the copy count not
`exceeding a first upper limit of software copies (or software
`executions), sending an unlimited unlock key to the device;
`and (e) in response to the copy count being greater than the
`first preset number but not exceeding a second upperlimit,
`sendinga first limited unlock key to the device.
`[0011]
`In accordance with another aspect of the embodi-
`ments described herein, there is provided a methodfor audit-
`ing software usage, comprising: (a) sending a serial number
`for a software installed on a computing device and a device
`identifier for the device to an authorization authority, the
`authorization authority calculating a copy countfortheserial
`number(or software execution count); (b) in response to the
`copy count not exceedinga first upperlimit of software copies
`(or software executions), receiving from the authorization
`authority an unlimited unlock key for the software; and (c) in
`response to the copy count being greater than thefirst upper
`limit but not exceeding a second upperlimit, receiving from
`the authorization authority a first limited unlock key for the
`software.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 illustrates a known authorization system
`[0012]
`(priorart).
`[0013]
`FIG. 2 illustrates an embodimentof an authorization
`system.
`
`DETAILED DESCRIPTION
`
`[0014] The present invention addresses the need for a sys-
`tem and methodfor auditing and selectively controlling/lim-
`iting software usage.
`In the exemplary embodiments
`described herein,there are presented systems and methods for
`thatallowfor the rental of software where softwareis allowed
`to run for a pre-specified period of time in return for the
`purchaseofa time limitedlicense. It is noted that publishers
`sometimes use a time limited free trial period in whichit is
`hoped that the user will want to continue the use of the
`softwareafter the expiry ofthe free use period thereby requir-
`ing a license purchase and subsequent connection to the
`authorization authority. It is further noted that limited time
`licenses are may be usedrather than new installs of software
`to trigger a requirementfor the protected software to commu-
`nicate with the authorization authority.
`[0015]
`FIG. 1 illustrates a system and method for software
`copy control that is believed to be known in the art. The
`system generally comprises client-side system (e.g., client 9)
`and an authorization system (e.g., authorization authority 30).
`The system of FIG. 1 implements a client-side process on
`client 9 and an authorization process on authorization author-
`ity 30. At step 10, the copy controlled software is executed on
`
`APPLE EXHIBIT 1104
`Page 4 of 10
`
`APPLE EXHIBIT 1104
`Page 4 of 10
`
`

`

`US 2008/0320607 Al
`
`Dec. 25, 2008
`
`a computing device, often called a client 9 in the art. The
`protected software then checksto see ifa license is granted for
`this software to run. A common wayofdoingthis is to store
`an unlock key on the computing device which the software
`uses to verify the license. On this basis the software checks to
`see if the unlock key is present (step 11). If an unlock key is
`not present, an authorization process is started (step 16). Ifthe
`unlock key is present then the key is compared to the unique
`hardware configuration of the computing device (step 12).
`Information about the components, peripherals and settings
`of the computing device are compiled into a unique identifier
`that can be used to verify the identity of the device for pur-
`posesofidentification.
`[0016]
`If the hardware identity has not changed, the soft-
`ware is allowed to continueto run(step 15) such that the user
`can use the software. If the hardware identity is not the same
`or has changed then the user is asked for permission to re-
`authorize or re-activate the software (step 13). If the user
`choosesnotto re-activate the software the protected program/
`software is terminated (step 14). If the user chooses to con-
`tinue, the software starts the re-authorization process by ask-
`ing the user to input the product’s serial number(step 16). The
`serial number maybe usedto represent a license numberthat
`may be issued to the user as part of a software purchase
`transaction. Next, the unique device identifier is compiled
`from the computers unique hardware configuration (step 17).
`Then both the serial number and the unique device identifier
`are sent or communicatedto the authorization authority 30 for
`license verification.
`
`[0017] The authorization authority 30 checks to see if a
`valid license exists for the user that is requesting authoriza-
`tion, and if the user has not exceeded the limit set for the
`numberof copies allowed underthe license terms. The autho-
`rization authority 30 receives the serial number and the
`unique device identifier (step 31) and then checksto see if the
`serial numberexists and represents a legitimate license (step
`32). If the serial number does not exist in a database of the
`Authorization Authorities 30, then a message is communi-
`cated back to the client system 9 and displayed to the user
`(step 19) before the software is terminated 14. If the serial
`numberdoes exist (step 32) then the count of previous suc-
`cessful authorizations is calculated and a decision/determi-
`nation is made by the authorization authority as to whether or
`not the copy count limit has been exceededforthis particular
`serial number(step 33).
`[0018]
`If the copy count for the serial number has been
`exceeded, as determinedat step 33, then a messageis sent to
`the client system and the useris informedthattheir request for
`authorization has failed (step 19). Subsequently the client
`software is terminated (step 14). If the copy count for the
`serial number has not been exceeded, as determined at step
`33, then an unlock key is generated (step 34)for the specific
`serial number and unique device identifier, and communi-
`catedto the client system 9. Uponreceipt ofthe unlock key by
`the client system 9 the unlock key is stored (step 21) for future
`reference by the license checking system and the user is
`informedthat their request for authorization of their software
`was successful (step 20). The software is then allowed to run
`(step 15).
`[0019] With reference to FIG. 2, there is shown an exem-
`plary audit system that allows copy control after the initial
`authorization of the licensed software. The copy controlled
`software is executed (step 41) on a computing device, also
`referred to as the client 40. The auditing and copy control
`
`approaches described herein are applicable to computing
`devices in general, including but not limited to, desktops,
`laptops, tablet computers, PDAs, mobile devices, mobile
`phones, vehicle onboard computers, or any network device
`capable of communication with a computer network.
`[0020] The protected software checks to see if a license is
`granted for this software to run. An exemplary way of doing
`this is to store an unlock key or code on the computing device
`whichthe software uses to verify the license. On this basis the
`software checksto see if the unlock key is present (step 42).
`If an unlock key is not present, an authorization process is
`started (step 43). If the unlock key is present, then the key is
`compared to the hardware configuration of the computing
`device (step 44). Information about the components, periph-
`erals and settings of the computing device are compiled into
`a uniqueidentifier that can be usedto verify the identity ofthe
`device for purposes of identification.
`[0021] The identification information or device identifier
`generally comprises information that is expected to be unique
`for the computing device. The device identifier is preferably
`generated from non-user-configurable machine parameters of
`the computing device, such as, for example, hard disk serial
`number, MAC ID, RAM manufacturing date, etc. It is noted
`that each data storage device of the computing device may
`gave a large variety of damage and unusable data sectors that
`are nearly unique to each physical unit. Accordingly, the
`process for generating a device identifier may include mea-
`suring physical, non-user-configurable characteristics of disk
`drives and solid state memory devices.
`[0022] The machine parameters mayrelate to the platform
`on which a web browseror another application runs, such as,
`for example, CPU number, or unique parameters associated
`with the firmware in use. The machine parameters may also
`include system configuration information, such as amount of
`memory, type of processor, software or operating system
`serial number, etc. The device identifier generated from the
`machine parameters may include the computing device’s IP
`address and/or other geo-location code to add anotherlayer of
`specificity to the computing device’s uniqueidentifier. In the
`alternative, or in addition, the device identifier may comprise
`arandomly generated and assigned numberthat is unique for
`and stored on the computing device.
`[0023]
`Ifthe hardware identity has not changed, the soft-
`ware is allowed to continue to run (step 50) such that the user
`can use the software. If the hardware identity is not the same
`or has changed, then the user is asked for permission to
`re-authorize or re-activate the software (step 46). If the user
`choosesnotto re-activate the software, the protected program
`is terminated (step 49). If the user chooses to continue, the
`software starts the re-authorization process by asking the user
`to input the product serial number(step 43). The serial num-
`ber may represent a license numberthat is usually issued to
`the useras part of a software purchase transaction. Next, the
`unique device identifier is compiled from the hardware con-
`figuration of the computing device (step 45). Then both the
`serial number and the unique device identifier are sent or
`communicated (step 47) to the authorization authority or
`system 60 for license verification.
`[0024] The authorization authority 60 checks to see if a
`valid license exists for the user that is requesting authoriza-
`tion, and if the user has not exceeded the limit set for the
`numberof copies allowed underthe license terms. The autho-
`rization authority 60 receives the serial number and the
`unique device identifier (step 61) and then checks to see ifthe
`
`APPLE EXHIBIT 1104
`Page 5 of 10
`
`APPLE EXHIBIT 1104
`Page 5 of 10
`
`

`

`US 2008/0320607 Al
`
`Dec. 25, 2008
`
`serial numberexists and represents a legitimate license (step
`62). If the serial number does not exist in a database of the
`authorization authorities 60, as determined in step 62, then a
`message indicating such is communicated backto the client
`system 40 and displayed to the user (step 48) before the
`software is terminated (step 49).
`[0025]
`Ifthe serial numberdoesexist, as determinedat step
`62, then the count of previous successful authorizations is
`calculated or otherwise determined.
`In the illustrated
`
`example, the first fourteen copies of the software made from
`or corresponding to a single serial number may be given an
`unlock codethat allows the software to run in a non-restricted
`
`or unlimited manner(e.g., indefinitely without a time limit)
`(step 63). The unlock key may be communicatedto the client
`system and stored (step 52) for future use andretrieval(e.g.,
`step 42). The user may be informedof the successful autho-
`rization (step 51) and the software may be allowedto run (step
`50).
`Ifthe count of copies forthis specific serial number
`[0026]
`is fifteen or greater but less than thirty (step 65), then an
`unlock code is generated that allows the user to use the soft-
`ware for the next ninety days (step 66). In turn, this time-
`limited key maybestored (step 52), the user informed(step
`51), and the application allowedto run (step 50). Ifthe count
`of copies for this specific serial numberis thirty or greater
`(step 67), then an unlock code may be generated that allows
`the user to use the software for the next sixty days (step 68).
`In turn, this time-limited key may bestored (step 52), the user
`informed (step 51), and the application allowed to run (step
`50).
`It is noted that the software may be executed on the
`[0027]
`computing platform andthe license management system may
`check to see if a legitimate and current license to use the
`software is present. The license may include a serial number
`for the licensed software and a unique ID that may berepre-
`sentative of the hardware environmentor fingerprintthat the
`softwareis allowed to run on. The unique ID may be checked
`against the current hardware configuration and if there has
`been no change to the configuration of the hardware the
`softwareis allowedto run.If the unique ID does not compare
`correctly to the hardware environment, the user may be asked
`for permission to contact the authorization authority for
`authorization of the software to run. The software may
`attempt to communicate with an authorization authority to
`obtain a license to run the software on this particular comput-
`ing device. Upon the successful communication with the
`authorization authority the user’s serial numbers may be
`checked for validity and then compared to a database that
`stores a running count ofthe numberof copies ofthe software
`currently issued against that particular serial number.
`[0028] Under the license terms of the software a limited
`number of copies of the software may be allowed for any
`individual serial number. Traditionally, such as in the embodi-
`ment of FIG. 1, if the numberof copies for any single serial
`numberhas not been exceeded, an unlock key may be gener-
`ated and returned to the client system and stored for use in
`future executions of the software. In FIG. 1, if the number of
`allowed copies has been exceeded, the authorization author-
`ity may disallow any additional copies to be activated and a
`message, telling the user that their attempt to activate their
`software has failed due to exceeding the copy countoftheir
`software. Subsequently, the software may not be allowed to
`run and may be terminated.
`
`Incontrastto traditional systems, such as the system
`[0029]
`shown in FIG. 1, there is provided an audit/authorization
`system thatis not limited to the allow/disallow paradigm, and
`that provides software auditors and/or licensors more waysto
`control how software may be used on computing devices. For
`example, FIG. 2 illustrates a representative approach to han-
`dling requests for additional copies of a given software to be
`run on additional computing devices.
`In one exemplary
`approach, sometimesreferred to as audit mode,all requests
`for authorization of copies of software may be allowed. How-
`ever, the system may keep a log of the count of copies
`requested for an individual software serial number and may
`activate each copy with, for example, an escalating series of
`restrictions.
`
`[0030] The audit/authorization authority may deliver an
`unlock key allows the software to run indefinitely (e.g., step
`64) without requiring re-authorization for up to a first set
`numberor upperlimit of copies ofthe software(e.g., step 63)
`for a given serial number. For example, the delivered unlock
`key may allow the software to run indefinitely for up to the
`first fourteen copies of software made for a specific serial
`number. Copies numbering greater than the first upper limit
`and not exceeding the second upperlimit (wherein the second
`upperlimit is higher than thefirst upper limit) may retrieve a
`limited use key that enables the software to run for a first
`defined time period (e.g., step 66) before requiring re-autho-
`rization to continue usage. For example, copies numbering
`from fifteen to twenty-nine mayretrieve a limited use key that
`enables the software to run for ninety calendar days before
`requiring re-authorization to continue usage. Copy numbers
`greater than the second upperlimit mayretrieve a limited use
`key that enables the authorized software to run for a second
`defined time period (e.g., step 68) before requiring re-autho-
`rization to continue usage. For example, copy numbersthirty
`or greater may retrieve a limited use key that enables the
`authorized software to run for sixty calendar days before
`requiring re-authorization to continue usage. It is noted that
`the numbers used herein for the upper and lower limits and
`time periods are merely exemplary, and that other numbers
`may be used as appropriate for a given application.
`[0031] The system of FIG. 2 allows software publishers of
`software productsto initially monitor the copyingpractices of
`software buyers and software sharers, legal andillegal. Then
`with the use of the time-limited unlock codes they may
`optionally limit and/or police the numberof copies that they
`will allow to be used for each individual serial number.
`
`[0032] The publisher of the software may optionally
`change the authorization authority from audit mode 60 of
`FIG.2 back to limiting mode 30 of FIG.1 if the decisionis to
`limit the number of copies made for an individual serial
`number, such as, for example, when it is clear that license
`terms are being abused, ignored or broken. Accordingly, in
`one embodiment, the audit/authorization system is adapted to
`switch between the auditing mode 60 andthe limiting mode
`30.
`
`In the alternative, or in addition, the authorization
`[0033]
`authority may not include a time limited authorization unlock
`code such that all unlocks are perpetual. However such an
`audit mode may be turned off at any time to allow future
`attempts to activate copies for a specific serial numberto be
`disallowed.
`
`In the alternative, or in addition, the authorization
`[0034]
`authority may use a running count of the numberof execu-
`tions of the software to keep track of a limited use authoriza-
`
`APPLE EXHIBIT 1104
`Page 6 of 10
`
`APPLE EXHIBIT 1104
`Page 6 of 10
`
`

`

`US 2008/0320607 Al
`
`Dec. 25, 2008
`
`tion. For example instead of allowing the fifteenth to twenty
`ninth copies of the software to run for ninety days before
`requiring re-authorization, the publisher could require re-
`authorization after a defined numberof executions(e.g., one
`hundred) ofthe software. Of course, a combination ofthe two
`methods mayalso be used.
`[0035]
`In the alternative, or in addition, certain features of
`the software may be enabled/disabled based on the copy
`count and/or numberof executions for a given serial number.
`For example, the unlock key may allow the computing device
`to run a full version of the software with all features enabled
`
`when the copy count for the software serial number does not
`exceed a first upper limit. The unlock key may allow the
`computing device to run a version ofthe software with one or
`more features disabled when the copy count exceedsthefirst
`upperlimit. In the alternative, or in addition, increasing num-
`bers of software features may be disabled with increasing
`copy counts, thereby escalating the restrictions on the soft-
`ware with increasing copy counts for a given softwareserial
`number.It is noted that any known suitable approach to lim-
`iting the use of software may be implementedso that the full
`featured use of the software is avoided, including but not
`limited to feature disablement.
`
`In accordance with one aspect of the embodiments
`[0036]
`described herein,
`there is provided a method (typically
`executed on the authorization authority side) for auditing
`software usage, comprising: (a) receiving a serial numberfor
`a software installed on a computing device and a device
`identifier for the device; (b) determining whetherthe received
`serial number corresponds to one of recognized serial num-
`bers; (c) in response to determination that the received serial
`numbercorrespondsto one of the recognized serial numbers,
`calculating a copy countfor the received serial number; (d) in
`responseto the copy countnot exceedinga first upperlimit of
`software copies, sending an unlimited unlock key to the
`device; and (e) in response to the copy count being greater
`thanthefirst preset numberbut not exceeding a second upper
`limit, sending a first limited unlock key to the device. The
`method may further comprise receiving an unlock code
`request for the software from the device.
`[0037]
`In one embodiment, the step of sending the first
`limited unlock key may comprise sendinga first unlock code
`that allows the software to run on the device fora first time
`
`period before requiring re-authorization to continueuseofthe
`software on the device. The method mayfurther comprise, in
`response to the copy count being greater than the second
`upper limit but not exceeding a third upper limit, sending a
`second limited unlock key to the device. The step of sending
`the second limited unlock key may comprise sending a sec-
`ond unlock codethat allows the software to run on the device
`
`for a second time period before requiring re-authorization to
`continue use of the software on the device. The second time
`
`period maybeshorter, and therefore morerestrictive, than the
`first time period.
`[0038]
`In another embodiment,the step of sending thefirst
`limited unlock key may comprise sendinga first unlock code
`that allows the software to run on the device for a defined
`
`number of executions before requiring re-authorization to
`continue use of the software on the device. In yet another
`embodiment, the step of sending thefirst limited unlock key
`may comprise sending a first unlock code that allows the
`software to run on the device with at least one feature of the
`software disabled.
`
`[0039] The step of sending the unlimited unlock key may
`comprise sending an unlock codethat allows use ofthe soft-
`ware on the device without time restrictions. The step of
`verifying whether the received serial number corresponds to
`one of the recognized serial numbers may comprise:
`(a)
`accessing a database storing the recognized serial numbers;
`and (b) determining whether the received serial number
`matches one of the recognized serial numbers stored on the
`database.
`
`Instill another embodiment, the method mayfurther
`[0040]
`comprise setting at least one of the first upper limit and the
`second upperlimit basedat least in part on the copy countfor
`the received serial number.
`
`In accordance with another aspect of the embodi-
`[0041]
`ments described herein, there is provided a method(typically
`executed on theclient side) for auditing software usage, com-
`prising: (a) sending a serial numberfor a softwareinstalled on
`acomputing device and a device identifier for the device to an
`authorization authority, the authorization authority calculat-
`ing a copy count for the serial number; (b) in response to the
`copy count not exceedinga first upper limit of software cop-
`ies, receiving from the authorization authority an unlimited
`unlock key for the software; and (c) in response to the copy
`count being greater than thefirst upper limit but not exceeding
`a second upperlimit, receiving from the authorization author-
`ity a first limited unlock key for the software. The method
`may further comprise sending an unlock code request for the
`software to the authorization authority.
`[0042]
`In one embodiment, the step of receiving thefirst
`limited unlock key may comprise receiving a first unlock
`code that allows the software to run on the device for a first
`
`time period before requiring re-authorization to continue use
`ofthe software on the device. In another embodiment,the step
`ofreceivingthefirst limited unlock key may comprise receiv-
`ing a first unlock code that allows the software to run on the
`device for a defined numberof executions before requiring
`re-authorization to continue use ofthe software on the device.
`In yet another embodiment, the step of receiving the first
`limited unlock key may comprise receiving a first unlock
`codethatallows the software to run on the device withat least
`one feature of the software disabled.
`
`[0043] The method may further comprise, in response to
`the copy count being greater than the second upperlimit but
`not exceeding a third upperlimit, receiving from the autho-
`rization authority a second limited unlock key to the device.
`The step of receiving the second limited unlock key may
`comprise receiving a second unlock code that allows the
`software to run on the device for a second timeperiod before
`requiring re-authorization to continue use of the software on
`the device. The second time period maybeshorter, and there-
`fore morerestrictive, than thefirst time period.
`[0044] The step of receiving the unlimited unlock key may
`comprise receiving an unlock code that allows use of the
`software on the device withouttime restrictions. The method
`
`preferably comprises storing one of the unlimited unlock key
`and the first limited unlock key in memory.
`[0045]
`In accordance with another aspect of the embodi-
`ments described herein, there is provided a authorization
`authority system or server for auditing software usage. The
`system may comprise: a receiver module adaptedto receive a
`serial numberfor a software installed on a computing device
`and a deviceidentifier for the device; a transmitter module; a
`processor module operatively coupled to the receiver and
`
`APPLE EXHIBIT 1104
`Page 7 of 10
`
`APPLE EXHIBIT