Abstract: Provided is a method for use-case analysis of an application. It includes instrumenting a software application or an environment to generate execution traces at use-case reference points; capturing the execution traces during user interaction with the software application during a use-case scenario; applying a classification model to execution traces correlated to a sequence of interaction steps; and to report a use of the app. A machine learning module automatically adapts, updates and applies the classification model on use-case scenarios, thereby evidencing whether the customer successfully completed these use cases, and helping the product vendor understand if the customer is receiving value delivered by, and built into, the product or application. Other embodiments disclosed.

Abstract: The invention relates to a system and a method for adapting a response provided by a first device. The system comprises the first device with means for receiving from at least one client device, as at least one second device, a data access request comprising at least one client identifier and a predetermined application programming interface or service provider interface associated with the first device. The first device comprises means for processing the data access request that provides the response to the data access request and means for sending the response. The system comprises adapting means for intercepting and adapting the response sent by the first device. The adapting means adapts the response while being specific to the client and provides an adapted response. And the system comprises adapted response sending means for sending at least a part of the adapted response to the second or a third device(s).

Abstract: Protection of a first software application to be executed on an execution platform by adding at least one check module to the software application, wherein the check module, when being executed, checks at least a part of the code of the protected software application loaded in the memory and carries out a predefined tamper response in case the check module detects that the checked code was changed or ensures that the protected software application continues to function correctly in case the check module detects that the checked code was not changed; selecting a first code region of the first software application, said first code region provides a first functionality when being executed; amending the selected first code region of the first software application such that an amended first code region is generated to provide the protected software application; wherein the amended first code region, when being executed, still provides the first functionality but carries out an access to at least a part of the code

Abstract: Protection of a first software application to be executed on an execution platform by adding at least one check module to the software application, wherein the check module, when being executed, checks at least a part of the code of the protected software application loaded in the memory and carries out a predefined tamper response in case the check module detects that the checked code was changed or ensures that the protected software application continues to function correctly in case the check module detects that the checked code was not changed; selecting a first code region of the first software application, said first code region provides a first functionality when being executed; amending the selected first code region of the first software application such that an amended first code region is generated to provide the protected software application; wherein the amended first code region, when being executed, still provides the first functionality but carries out an access to at least a part of the code

Abstract: The invention provides a method for verifying the state of a distributed ledger. This method comprises the steps of creating a chain of data blocks, performing an authentication writing operation in the chain of data blocks and checking the authentication time of the last authentication block. Each block comprises a signature which is based on information of the previous block. The authentication writing operation comprises authentication information voted by a plurality of trusted authentication nodes, creating at least one authentication block in an authentication time. The checking step is carried out by a software instance, thus considering the information of the distributed ledger as verified and alive until this authentication time.

Abstract: A method for controlling execution of a software application a) determining the point in time of at least one installation of an operation system, installation of a computer program, updating of the operation system, updating of the computer program, b) generating platform information based on the installed/updated system/program and the determined point in time, c) generating a first fingerprint based on the platform information, which is characteristic for the execution platform at the determined time, d) generating a license including said first fingerprint, which defines terms of allowed execution of the software application, and e) controlling the execution by—determining platform information used for generating the first fingerprint and generating a second fingerprint based on said platform information—comparing the second fingerprint with the first fingerprint, and—allowing execution of the software application if the second fingerprint complies with the first fingerprint.

Abstract: The invention relates to a system and a method for adapting a response provided by a first device. The system comprises the first device with means for receiving from at least one client device, as at least one second device, a data access request comprising at least one client identifier and a predetermined application programming interface or service provider interface associated with the first device. The first device comprises means for processing the data access request that provides the response to the data access request and means for sending the response. The system comprises adapting means for intercepting and adapting the response sent by the first device. The adapting means adapts the response while being specific to the client and provides an adapted response. And the system comprises adapted response sending means for sending at least a part of the adapted response to the second or a third device(s).

Abstract: A method for controlling an execution of a software application on an execution platform in a first local network comprises: determining a first environment fingerprint including a first network fingerprint characteristic for the first local network using predetermined rules; generating a license including the first environment fingerprint and defining terms of allowed execution of the software application; and controlling the execution by: determining a second environment fingerprint including a second network fingerprint of a local network in which an execution platform for the software application is included using the predetermined rules; comparing the second environment fingerprint with the first environment fingerprint of the license; allowing execution of the software application according to the terms of the license where the second environment fingerprint complies with the first environment fingerprint, and preventing the execution of the software application where the second environment fingerprint

Abstract: A method for controlling execution of a software application a) determining the point in time of at least one installation of an operation system, installation of a computer program, updating of the operation system, updating of the computer program, b) generating platform information based on the installed/updated system/program and the determined point in time, c) generating a first fingerprint based on the platform information, which is characteristic for the execution platform at the determined time, d) generating a license including said first fingerprint, which defines terms of allowed execution of the software application, and e) controlling the execution by—determining platform information used for generating the first fingerprint and generating a second fingerprint based on said platform information—comparing the second fingerprint with the first fingerprint, and—allowing execution of the software application if the second fingerprint complies with the first fingerprint.

Abstract: A method for controlling an execution of a software application on an execution platform in a first local network comprises: determining a first environment fingerprint including a first network fingerprint characteristic for the first local network using predetermined rules; generating a license including the first environment fingerprint and defining terms of allowed execution of the software application; and controlling the execution by: determining a second environment fingerprint including a second network fingerprint of a local network in which an execution platform for the software application is included using the predetermined rules; comparing the second environment fingerprint with the first environment fingerprint of the license; allowing execution of the software application according to the terms of the license where the second environment fingerprint complies with the first environment fingerprint, and preventing the execution of the software application where the second environment fingerprint

Abstract: An authenticated digital confirmation of an installation or an update of a licensed computer data product, for providing the licensor with a validation that the installation/update was carried out as intended, and conveying relevant details of the installation/update. The installation/updating facility (internal software, external hardware device, or combination thereof) examines and documents the pre-installation/update state of the target computer system, performs the installation/update, examines and documents the post-installation/update state, and generates the confirmation, which is a summary or digest of the process and the status thereof. The confirmation is securely authenticated and sent to the licensor for validation, to be used for order fulfillment, billing and accounting, and other purposes.

Abstract: A program comprises a functional block. The functional block is encrypted, additional code is added to the program and a protected program is generated that is executable only in the presence of a predetermined license in a computer system which comprises a protection module for protection against unauthorized execution of the protected program. If the encrypted functional block is to be executed, the additional code is executed. If a license is present, the additional code and/or the protection module causes decryption of the functional block, allows execution of the decrypted functional block, and upon completion of execution of the functional block, causes removal of the decrypted functional block from the working memory.

Abstract: A method for controlling the execution of a software application on a computer system. The method includes the steps of generating a license map based on a given license for the application, the license map including the information on which user is allowed to execute the application, providing a license client on the computer system and providing a license server delivering the license map to the license client. When a user requests execution of the application, the license client decides whether the user is allowed to execute the application based on the license map.

Abstract: An apparatus, computer readable medium, and method of protecting an application, the method including responding to receiving a level of security for the application by evaluating each of a plurality of routines of the application to generate an evaluation for each of the plurality of routines of the application; selecting a number of the plurality of routines to protect based on the evaluation for each of the plurality of routines and the received level of security; and protecting the selected number of the plurality of routines.

Abstract: A group of secret sets is provided, each set including a key and an assigned identifier. The sets are stored in a secure hardware device that can retrieve the key of any of the sets using the key's corresponding identifier. A set is stored in an application, and the application is executed on a computer coupled to the secure device. The application defines a session key, encrypts the session key using the key from the set stored in the application, generates session data including the stored set's identifier and the encrypted session key, and sends the session data to the secure device. The secure device obtains from the session data the encrypted session key and the identifier, retrieves the key corresponding to the identifier, and uses the retrieved key to decrypt the session key. The session key is then used to encrypt and decrypt communications between the secure device and the computer.

Abstract: A group of sets is provided, each including a secret and an assigned identifier. The sets are stored in a hardware device that can retrieve the secret of any of the sets using the secret's corresponding identifier. A set is stored in an application, and the application is delivered to a user who runs it on a computer coupled to the device. The application defines a session key, generates session data including the stored set's identifier and the session key encrypted with the stored set's corresponding secret, and sends the session data to the device. The device retrieves from the session data the encrypted session key and the identifier, retrieves from its storage the secret corresponding to the identifier, and uses the secret to decrypt the session key. The session key is then used as a shared key for secure communications between the hardware device and the computer.

Abstract: An efficient symmetrical-cryptographic method for using a fast but insecure host to perform encryption/decryption based on a secret key in a secure, but slow hardware token, such as a smartcard or similar device, without revealing the secret key to the host, and such that the ciphertext and plaintext are exactly the same size. The present method is suitable for use in Digital Rights Management and Software Rights Management applications which require precise interchangeability of ciphertext and plaintext in pre-allocated areas of data storage.

Abstract: A method of executing a program (2) on a computer (3) comprising a main memory (6) divided into pages comprises the steps of: loading a main section (7) of the program comprising a manipulating module into the main memory (6) and executing the main section (7), whose manipulating module (12) effects a manipulation of a first of a plurality of program blocks (8, 9, 10) of the program every time a predetermined page error is generated upon an attempt to access the first program block (8, 9, 10).

Abstract: A method of operating a computer system comprises the following steps: installing an executable main module of a program on the computer system, storing module data for the main module and/or for an additional module (A, B, C, D) of the program in the computer system, said stored module data comprising a license part required to determine the presence of the use authorization of the main module and/or of the additional module, and preferably also comprising an information part, evaluating the stored module data for acquisition of a further use authorization for the additional module (A-D) or for a further additional module (A-D), and providing information for the acquisition of a use authorization as a function of the result of evaluation.

Abstract: An authenticated digital confirmation of an installation or an update of a licensed computer data product, for providing the licensor with a validation that the installation/update was carried out as intended, and conveying relevant details of the installation/update. The installation/updating facility (internal software, external hardware device, or combination thereof) examines and documents the pre-installation/update state of the target computer system, performs the installation/update, examines and documents the post-installation/update state, and generates the confirmation, which is a summary or digest of the process and the status thereof. The confirmation is securely authenticated and sent to the licensor for validation, to be used for order fulfillment, billing and accounting, and other purposes.