標題: | 軟體元件保護方法之研究 A Study on the Protection Approach of Software Components |
作者: | 余新平 Hsin-Ping Yu 羅濟群 Chi-Chun Lo 資訊管理研究所 |
關鍵字: | 元件保護;軟體保護;軟體盜版;統一流程;component protection;software protection;software piracy;RUP |
公開日期: | 2004 |
摘要: | 軟體的使用權控管對軟體產業及組織是一個重要的議題,未經授權的使用會造成軟體公司的投資無法回收,對組織則可能洩漏原先已嚴密保護的軟體功能或資料。過去為軟體保護所發展的研究與技術,較不易破解的方法多依賴網路伺服器做線上的使用權檢查,可能造成正常的軟體因為不正常的網路而無法使用。加上近年來軟體系統朝元件化發展,過去針對整個軟體系統考量而設計的研究及技術便無法真正達到使用權控管的目的。
本文將發展上述問題的解決方法視為軟體系統開發的專案,因此遵循RUP(Rational Unified Process)的流程,逐步探討元件保護方法的需求、解決方案。所提出的方法以非對稱加密法限制元件僅能在單一已申請的電腦上使用,以智慧卡保護私密金鑰不被複製,即使元件被不當複製到其他電腦上亦無法使用;在檢查使用權時不需要依賴網路,建立一套元件自我檢查的機制,讓使用者或應用程式在使用此類受保護元件時,不需要改變既有習慣。這個方法若是回過頭應用在整個軟體系統上,亦能保護軟體系統的使用權。 The protection of software usage privileges is an important issue to software market and organizations. Illegal usage of software will cause the investment of a software company to be nothing, and cause a organization to reveal the secret software functions. There are a few of research papers and techniques to solve these problems, but some of them which are not easy to crack depend on a server to check the usage privileges. If the network crashes, the software or components can’t work any more. In recent years, a system is decomposed to many components, and then the existing approaches that target on whole system can’t indeed provide the control of usage privilege. This thesis treats the developing of above problems as a software project. So we follow the RUP processes to discuss the requirements and the solution of component protection. This approach limits the components only running on registered computers by adopting the asymmetric encryption algorithm and protects the private key from copying by storing it in a smart card. The designed checking process of usage privilege will not depend on network, and users or applications need not to be aware of the extra protection of components by developing the self-checking mechanism. |
URI: | http://140.113.39.130/cdrfb3/record/nctu/#GT009034532 http://hdl.handle.net/11536/38946 |
顯示於類別: | 畢業論文 |