Challenges Related To Software Licenses Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Software protection is regarded as a sophisticated system created in order to defend the use of the software. This defense includes the distribution of software especially commercial software, dangerous and external dangers like viruses and spywares and software piracy.

This paper illustrates briefly many important aspects in relation to software protection. The first point is general information about software system security in the light of malicious attacks and threats that damage the software. Additionally, a broad explanation of famous and hazardous worms is penetrating many software systems. Software piracy is a growing concern and costs the software industry billions of dollars yearly. Therefore, this paper focuses on this obstacle and its negative outcomes. The other part of the paper is organized as follows. Section 4 Illustrates the software licenses and various situations of software licenses regarding trial software and licensing, license key installation and license registration. Sections 5 and 6 concentrate on software licensing and copyrights while section 7 displays the different classifications of software licensing schemes. Section 8 is considered as a case study that examines elaborately the implementation of software licensing in specific software. The final section is a combination of conclusion and a brief summary of the whole work

1. Introduction

Hundreds years ago, technology was restricted in simple and ordinary objects like electricity, lighting, telephone, and so on until the incredible invention of the first computer in the world had caused unbelievable and technological revolution. Gradually, this great revolution had grown in different dimensions especially the dimension of network and internet. Nowadays, there is a rapid and great development of network and advanced technologies like IPhone, iPod,..etc which enable new software capabilities and huge market interest but there are some obstacles that cause terrible and serious problems and affect software protection sharply. [4][9]

One of these problems is software piracy such as the unauthorized copying, use or distribution of software products. Although a variety of software protection schemes are perfect and well-organized, software piracy still causes major troubles because some protection schemes can be easily attacked by many malicious users. On the other hand, there are specific problems related to software protection itself. The main trouble is to sell several programs that can be executed by the buyer so they cannot be duplicated or distributed by him to other users to other users. Critically, the problem of protection against duplication and the problem against distribution have become the basic problems that need a lot of accurate effort. Although many engineering effort is made to provide software protection, this effort may unfortunately lack theoretical foundations. Theory and practice are the keys of solving software protection problems efficiently. [4][9]

According to unauthorized copying, it is regarded as a critical trouble because it affects both the industrial and national sectors of a country negatively. The major obstacle of unauthorized copying is the huge coverage of electronic and non-electronic products. As a result, the successful and efficient solution is copyright which is "a form of protection provided by the law to the authors of original works of authorship which includes literary, dramatic, artistic, and electronic and other intellectual works. Historically, copyright protection was restricted to non-electronic products until in 1980 The Copyright Act had modified its laws to include explicitly computer programs". [6]

2. What is Software System Security?

Making sure to get software not get damaged from outside affects such as attackers or a method that uses to break that software and makes it not working or change its features is the main meaning for Software System Security. Table 1 shows a general view of different kinds of attacks and damages. [3]

Table 1: Categorizing Software System Security Problems [5]

The first column shows Key Types and Methods of Attack which have many different attacks beside some might be combined in a single attack. In addition, worms and viruses have considered as nightmare to most people who use emails a lot nowadays, and they do not have a good knowledge about these worms and viruses. Beside, those worms and viruses have a huge affect on most software by corrupting files and data, and on certain personals computer programs. [5]

The Love Bug and The Blaster worm are most comment worms these days. Each one of them has a different affect a victim's machine or system by accessing into the system and damage it or breaking it down. [5]

In May 2000, The Love Bug appeared in Asia and in short time, it speared to the United States through email attachments. The most departments which got a big affect were government computers at some governments' places such as Congress, the White House, and the Pentagon. $10 billion was the losses in economic damages by overwriting files and corrupting data. [5]

The Blaster worm came out after three years. The affect of this worm is to slow down one's personal computer response times. The losses were less costly than The Love Bug worm. According to a survey by the International Data Corporation (IDC), viruses and worms are the most serious vulnerabilities that corporations face today. Nowadays, worms and viruses are visible to public people, companies, and government's departments. Figure 1 shows the most countries that got a big affect from this worm. [5]Capture.JPG


Figure 1: Affected countries by The Blaster worm

The second column in Table 1 covers the types of damages on websites, networks, files, and data that can result from attackers. For instance, website defacements, is the online version of graffiti. Hackers may act normally by doing some normal activists then access to change a website's appearance, add political messages to the site, or divert visitors to another website. An outage is another kind of damage that causes a result of a successful denial of service attack and can be more costly, especially for e-commerce sites. [5]

3. Software Piracy

Software piracy is a major part of the larger digital piracy fact in Software System Security. According to the Business Software Alliance, in 2002, the estimated world piracy rate for business software applications alone was around 35%. The losses were nearly close to $40 billion. Because it has been recommended that some of these figures may be the central argument still holds, software piracy is a serious problem to be taken these days. Software piracy transpires in many ways, by illegal burning CDs or DVDs especially having these copies between friends or sharing them or over websites or torrents. The most common problem that affects some software's companies or producing films' companies is losing a lot of money by doing that, and no way to stop that because it is not shown to public at all. One study shows that in 2006, for each two dollars worth of software purchased legally, at least one dollar worth was obtained illegally. [7]

Negative penalties of Software Piracy are just to the creator of the product, but also to the country where the pirated software is sold because International Data Corporation have made a survey about that, and they got a result of PC's software markets will produce products that worth between $50 billion to $70 billion. The next 5 years, the value of the pirated software markets will grow to about $40 billion. Macedonia and China are some of pirated countries that have piracy rates which reach up to 92%. [7]

4. Software Licenses

Software has appeared from long time. This software's producer has the full control to publish it to ones consumers, and also he/she has the software copyrights to make his/her consumers use the software with its license. Couple years before now, most people thought they purchased the software by itself, but now they recognize that they actually buying a license to make it active and able to use all its features. Most the software nowadays is on websites, so anyone can download it, but not as a full version, it a free trail to try it and have a clear idea about it. [8]

These days, consumers might not have a clear understanding about all the legal implications of licensing software versus owning it. Consumers may use software without having a good view about its contract and license, and also they do not any idea about its term or condition. This happens because they are having a general common idea about the software from outside its private zone such as hearing from friends, knowing it from a e-commerce site, so they will accept whatever are written in the software term or condition. Software companies provide certain terms and conditions for each software they publish, and consumers expect those terms or conditions would be in their side. [8]

4.1 Software Licensing Procedures:

The nature of any software licensing is depended on the software product by itself. This part shows where licensing is involved through a number of methods: [10]

Trial Software and Licensing: Each trial software has no license to use it. However, it has a limit of time to make it active and use it. For example, some trails can be working for a month and some just for a couple days. Some of them will stop working by updating or they will be blocked from the main source, a user might require enter a license after using the limit time that allow him/her to use that software. Usually, a user must buy a license to use a full version or the trial one. This can be by buying a serial number just for one user. In addition, some companies provide a license for more than one user, and some time for a big cooperation. Some information are required in order to get most trial software licenses such as personal information. Some they provide each email address just one time to have their trail to use it. [10]

License Key Installation: Users are required to have a license key and enter it during installation process for most software. For example, Microsoft Office XP official disc comes with a license key, and one must enter it to be able to use the operating system probably. Entering the license key screen will appear during the installation of Microsoft Office XP, for example. The installation will stop processing if an incorrect or invalid license key is entered. one has need to get a valid license key to install the full software to his/her machine.. Some time the license key come as characters mixed with numbers in sequence. Fifteen characters are the most average amount of a serial number or a license key to enter, and it may be divided into five parts. Checksum is a kind of a license key. [10]

License Registration: Many users can share the same license key, but one of them has to be the owner of that license. This considers an illegal way to use software. a producer of that software may require the user to register his/her software. Personal information including an email a valid email address is required during registration. The software's producer is going to check that information are not being used by someone else or new. If everything entered in the first time, the vendor provides the user with a valid serial key. Without this validation, the software will expire and stop to function any process to complete installation it. Through the Internet is an usual way to register a software. If there is no internet connection, it can be done by email or through phone by calling a customer support site. [10]

5. Software Licensing: Copyright and Contract

Copyright is a legitimate right which aims to prevent other people from copying a work. Software user is the sole person who has the right of permitting the use of a copyrighted work but this can be achieved under a specific license. The reason is that this license gives a permission to perform a definite action such as copying otherwise this will be regarded as a severe violation of copyright and become illegal. This permission is controlled by several conditions of the license. The licensor's right appears strongly in the form of conditions attached to a subtraction from his rights. [1]

The effect of the content of these rights besides the interpretation of the relationship between the parties would lead to a breach of copyright. According to the range of intellectual rights, they can be differed by contractual agreement and sometimes these rights can overcome contrary conditions shown in a contractual agreement. When the official controls determine the exact extent of parties' concerns, this may operate against the idea of contractual freedom of sharing the possible risks for the parties. In this situation, the law of copyright may rise above the law of contract. [1]Capture7.JPG

6. Software Licensing: traditional and recent models

Software licensing allows users to perform various things such as installing, using software with license. Piracy is considered as a problem that can be solved by software licensing. . There are many types of software licensing models such as package, server, network-based, subscription-based and utility based. [3]

Packaged model: Package models that aim to keep and prevent software from being pirated by using locking or expiration mechanism. The aim of node-locked perpetual gives the permission to use software without the need to agreement of the license to any user. [3]

Server-based model: Multicore processing is considered as mainstream which results in two approaches which are counting by socket or counting by sockets. The difference between the two approaches is that counting by core charges users per connection while counting by core charges users in case if each core is considered individually. [3]

Network-based model: Network-based model is more effective than traditional models that publish licenses to many users by using centralized system. Floating (concurrent) and network are two popular models. Any user who has the license can make a connection to with the network licensing server at constant intervals. Then, a connection will be made with a back up licensing server as shown in Figure 2

6.1 New models

Subscription- based model: It is a model in which users buy a license in a specific period of

Figure 2: Example of heartbeat and denial in the concurrent network-based licensing model [3]

time like a year. If the period expires, the user needs to renew his license to regain critical upgrades. This model does not work well if it is used in applications as mission-critical and secure networks. [3]

Utility - based model: This model depend on the demand] of users to use licenses. This model can perform well with floating model which is discussed in network model due to continuous update and use record. [3]

7. Software Licensing: Classification of Licensing Schemes

In general, free software has no license key and no registration when download it from an official web page. Microsoft Windows XP is one of some software that needs both a license key and registration to install it completely. In fact, Windows XP is from a big software company, so the license key is special and has special features since this key require a registration. on the other hand, Microsoft Office XP is an example for a software that requires a license key but does not require any registration. Also, WinZip, popular software to extract files and zip them, does not require a license key but requires registration. Figure 3 shows the process of a software licensing. There are four kinds of categories for software that requires a license key and registration. [10]

Requiring license key and registration.

Requiring license key but no registration.

Requiring only registration.Capture2.JPG

Requiring no license key or registration.


Figure 3: Software Licensing Process [10]

7.1 Requiring no license key or registration.

Figure 5: Licensing Check [10] There are two optimal branches of licensing schemes that depend on registration: schemes using installation based registration and schemes using installation dependant registration. The basis of registration key in installation based registrations is parameters that are specific to the machine or network where the software is installed. If the registration is attached to a certain machine, machine-specific parameters will be used and if the registration is attached to a network, network-specific parameters will be used. The are many practical uses of network-specific installation based registrations such as large corporations that make use of huge number of machines that need software license urgently. Finally, both installations based and installation independent licensing schemes are categorized to floating and non-floating licensing schemes. [10]Capture4.JPG

8. Software Licensing: Related work

This is a case study of a particular software about how licensing is implemented. No license key is required for this software, but it requires a registration key for execution. When the When the software runs, an identification string will be generated. This string is sent to the software publisher to get a registration key from it after the registration is completed. When installing the registration key, the software is fully installed. The software is written in C# and has two parts. Figure 4

Figure 6: Licensing Check [10]

Figure 4: Registration Key Generation [10]

shows the first part which generates machine-specific parameters such as the MAC address. [10]

After that, by encrypting the hashed string with the registrar's private key, this string will be sent to the registrar who generates a registration key. Figure 5 shows this process. [10]Capture3.JPG

The public key of the software uses the registrar's to decrypt the registration key through the hashed string that contains machine-specific parameters. Then, the software regenerates the machine id string from its specific parameters. After that a comparison between the hashed string and the hash value that obtained from the registration key. The software will start directly its functionality if the result of that comparison is positive. If not, an error massage will be appeared. Figure 6 give a clear idea about the whole process. [10]

When the license scheme is exposed, it becomes easily to be avoided. Two simple procedures can be used to destroy the software. The first one is to remove the essential and responsible code for licensing. Figure 7 illustrates the way the lines of code are removed. The process of removing licensing code needs correct understanding of the code in order to be able to remove the lines which are responsible for licensing. [10]Capture5.JPG

This is the first approach which may be considered complex and hard. However, there is a second and simple approach which is instead of executing the main functionality on successful licensing validation, the code of licensing could be changed in order to execute the functionality continuously. Figure 8 illustrates this approach and clarifies how "if" condition can be modified to present true evaluation. [10]

Figure 8: Removal of the Licensing Check - Approach 1 [10]

Both figure 7 and figure 8 represent different approaches regarding the degree of difficulty. The approach of Figure 6 is simpler than Figure 5 because it is able to remove efficiently the licensing mechanism without extra amounts of variations to the software. Complicated clarification procedures are very essential to use especially for decomposable languages in order to avoid reverse-engineering of compiled code. [10]

9. Conclusion

Figure 7: Removal of the Licensing Check - Approach 1 [10]In the world of computers and digital systems, the necessity of optimal protection system is very important due to the infinite threats that attack the software realm. These dangers include spywares, worms, software piracy, viruses.. etc. The most common threat is software piracy that extremely affects all the vital fields of society and may lead to undesirable outcomes. Additionally, terrible worms that influence badly the digital systems of many users especially network -system users. As a result, the great establishment of software protection is considered as an emergency exit of software troubles. Software protection is always attached to software license in order to fight illegal piracy and limited awareness of consumers' rights and licenses. Besides, a deep penetration in the world of software license which includes its board classifications concerning licensing schemes and licensing models in addition to a recent and historical experimental experiences and their various results. These experiences and results may be changed in the future and replaced with ultimate and advanced software protection systems and license that defend all fields of both internal and external risks with the help of improved and accurate theory and aware and professional practice.