LMM - A Common Component for Software License Management on Cloud

Shinsaku Kiyomoto, Andre Rein, Yuto Nakano, Carsten Rudolph, Yutaka Miyake

Abstract

On a cloud environment, the platform that runs a program is not fixed, and there is a possibility that a program runs on several servers in a cloud environment. Transferability of the license information by a valid user should be allowed, even though general requirements for license management have to be satisfied. In this paper, we consider software license management models for cloud environments, and discuss security functions for building secure license management schemes. We show four license management models and analyze the security requirements for the models. Then, we design a common component referred to as the license management module (LMM), and explain the security functions required for the LMM. Furthermore, we discuss how to realize the security functions and evaluate their performance using a prototype implementation.

References

  1. Anderson, W. E. (2008). On the secure obfuscation of deterministic finite automata. In Cryptology ePrint Archive, 2008/148.
  2. Atallah, M. J. and Li, J. (2003). Enhanced smart-card based license management. In Proc. of IEEE International Conference on E-Commerce (CEC2003).
  3. Bicket, D. (2011). Cloud computing and license management. ISS-N004-v3.2.
  4. Chow, S., Gu, Y., Johnson, H., and Zakharov, V. A. (2001). An approach to the obfuscation of control-flow of sequential computer programs. In Proc. of 4th Information Security Conference (ISC2001), Lecture Notes in Computer Science 2200, pages 144-155.
  5. Collberg, C., Thomborson, C., and Low, D. (1997). A taxonomy of obfuscating transformations. Technical Report 148, Computer Science, University of Auckland.
  6. Collberg, C. S. and Thomborson, C. (2002). Watermarking, tamper-proofing, and obfuscation - tools for software protection. IEEE Trans. on Software Engineering, 28(8):735-746.
  7. Courtney, C. (2012). Cloud computing security risks ? hypervisor and multi-tenancy. Cloud Security.
  8. Dalheimer, M. and Pfreundt, F.-J. (2009). GenLM: license management for grid and cloud computing environments. In Proc. of 9th ACM/IEEE International Symposium on Cluster Computing and the Grid (CCGRID 7809), pages 132 -139.
  9. Dierks, T. and Rescorla, E. (2008). The transport layer security (TLS) protocol version 1.2. Internet Engineering Task Force (IETF), RFC5246.
  10. Diffie, W. and Hellman, M. (1976). New directions in cryptography. IEEE Transactions on Information Theory, 22(6):644 - 654.
  11. Dvir, O., Herlihy, M., and Shavit, N. N. (2005). Virtual leashing: Internet-based software piracy protection. In Proc. of 25th IEEE International Conference on Distributed Computing Systems (ICDCS2005).
  12. elasticLM (2010). elasticLM - License as a Service (LaaS). The Fraunhofer Institute for Algorithms and Scientific Computing SCAI.
  13. Fukushima, K., Kiyomoto, S., and Miyake, Y. (2012). Software protection combined with tamper-proof device. IEICE Trans. on Fundamentals, E95-A, No.1:213- 222.
  14. Gilmont, T., Legat, J.-D., and Quisquater, J.-J. (1998). An architecture of security management unit for safe hosting of multiple agents. In Proc. of the International Workshop on Intelligent Communications and Multimedia Terminals.
  15. Goel, U. and Dua, R. L. (2012). A review paper on cryptographic approach for license management system in cloud computing. In Indian Journal of Computer Science and Engineering (IJCSE), volume 3, No.4, pages 626-631.
  16. Goldreich, O. (1987). Towards a theory of software protection and simulation by oblivious rams. In Proc. of ACM STOC 7887, pages 182-194.
  17. Goldreich, O. and Ostrovsky, R. (1996). Software protection and simulation on oblivious rams. In Journal of ACM, volume 43(3), pages 431-473.
  18. Hohl, F. (1998). Time limited blackbox security: Protecting mobile agents from malicious hosts. In Lecture Notes in Computer Science 1419, pages 92-113.
  19. Hou, Z., Zhou, X., and Wang, Y. (2007). Software license management optimization in the campus computational grid environment. In Proc of the third International Conference on Semantics, Knowledge and Grid, pages 604 -605.
  20. Kantarcioglu, M., Bensoussan, A., and Hoe, S. (2011). Impact of security risks on cloud computing adoption. In 2011 49th Annual Allerton Conference on Communication, Control, and Computing (Allerton), pages 670 -674.
  21. Li, J., Weldrich, O., and Ziegler, W. (2008). Towards slabased software licenses and license management in grid computing. In From Grids to Service and Pervasive Computing, pages 139-152.
  22. Mana, A. and Pimentel, E. (2001). An efficient software protection scheme. In Proc. of 16th IFIP International Conference on Information Security (ISC2001), pages 385-401.
  23. Microsoft Corporation (2003). Technical overview of windows rights management services for windows server 2003.
  24. Monden, A., Iida, H., Matsumoto, K., Inoue, K., and Torii, K. (2000). A practical method for watermarking java programs. In Proc. of 24th Computer Software and Applications Conference (COMPSAC2000), pages 191-197.
  25. Mumtaz, S., Iqbal, S., and Hameed, E. I. (2005). Development of a methodology for piracy protection of software installations. In Proc. of International Multitopic Conference (INMIC2005).
  26. Nakano, Y., Cid, C., Kiyomoto, S., and Miyake, Y. (2012). Memory access pattern protection for resource-constrained devices. In Proc. of The 8th Smart Card Research and Advanced Application Conference (CARDIS2012), LNCS, volume 7771, pages 188-202.
  27. Popovic, K. and Hocenski, Z. (2010). Cloud computing security issues and challenges. In MIPRO, 2010 Proceedings of the 33rd International Convention, pages 344 -349.
  28. Raekow, Y., Simmendinger, C., Grabowski, P., and Jenz, D. (2010). License management in grid and cloud computing. In Proc. of 2010 International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), pages 9 -15.
  29. Shaikh, F. and Haider, S. (2011). Security threats in cloud computing. In 2011 International Conference for Internet Technology and Secured Transactions (ICITST), pages 214 -219.
  30. Shi, W., Hsien-Hsin, Falk, S. L. L., and Ghosh, M. (2006). An integrated framework for dependable and revivable architectures using multicore processors. In Proc. of the 33rd International Symposium on Computer Architecture (ISCA2006).
  31. Shokurov, A. (2004). An approach to quantitative analysis of resistance of equivalent transformations of algebraic circuits. Technical report, Institute for System Programming Russian Academy of Sciences.
  32. Simmendinger, C., Kraemer-Fuhrmann, O., and Raekow, Y. (2008). Support for client-server based license management schemes in the grid. In Collaboration and the Knowledge Economy: Issue, Application, Case Studies, pages 1262-1272.
  33. Suh, G. E., Clarke, D., Gassend, B., van Dijk, M., and Devadas, S. (2003). Aegis: Architecture for tamperevident and tamper-resistant processing. In Proc. the 17th annual international conference on Supercomputing, pages 160-171.
  34. The BEinGRID Project (2009). BEinGRID, business experiments in grid. the European Unionfs sixth research Framework Programme (FP6).
  35. The SmartLM Project (2013). SmartLM - grid-friendly software licensing for location independent application execution. the European Commission Programme, Information and Communication Technologies.
  36. Wang, C., Davidson, J., Hill, J., and Knight, J. (2001). Protection of software-based survivability mechanisms. In Proc. of International Conference of Dependable Systems and Networks (DSN2001), pages 193-202.
  37. Zhang, X. and Gupta, R. (2003). Hiding program slices for software security. In Proc. of the international symposium on Code generation and optimization: feedbackdirected and runtime optimization, pages 325-336.
  38. Zhang, Y., Juels, A., Reiter, M. K., and Ristenpart, T. (2012). Cross-vm side channels and their use to extract private keys. In Proc. of the 2012 ACM conference on Computer and communications security, CCS 7812, pages 305-316.
  39. Zhao, J., Yao, N., and Cai, S. (2009). A new method to protect software from cracking. In Proc. of World Congress on Computer Science and Information Engineering (CSIE2009), pages 636-638.
  40. Zhuang, X., Zhang, T., Lee, H.-H. S., and Pande, S. (2004). Hardware assisted control flow obfuscation for embedded processors. In Proc. of ACM CASES 2004, pages 292-302.
Download


Paper Citation


in Harvard Style

Kiyomoto S., Rein A., Nakano Y., Rudolph C. and Miyake Y. (2013). LMM - A Common Component for Software License Management on Cloud . In Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013) ISBN 978-989-8565-73-0, pages 284-295. DOI: 10.5220/0004504502840295


in Bibtex Style

@conference{secrypt13,
author={Shinsaku Kiyomoto and Andre Rein and Yuto Nakano and Carsten Rudolph and Yutaka Miyake},
title={LMM - A Common Component for Software License Management on Cloud},
booktitle={Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)},
year={2013},
pages={284-295},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004504502840295},
isbn={978-989-8565-73-0},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 10th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2013)
TI - LMM - A Common Component for Software License Management on Cloud
SN - 978-989-8565-73-0
AU - Kiyomoto S.
AU - Rein A.
AU - Nakano Y.
AU - Rudolph C.
AU - Miyake Y.
PY - 2013
SP - 284
EP - 295
DO - 10.5220/0004504502840295