Secure Software Licensing: Models, Constructions, and Proofs

Costea, Sergiu; Warinschi, Bogdan

doi:10.1109/csf.2016.10

Cited by 2 publications

(6 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moraes et al [9] studied common incompatibilities among open-source licenses, compared file-level and project-level license options, and recommended that developers use a file-level multi-licensing model for their code to overcome compatibility issues and offer less restrictive access options. As part of the license management and enforcement, other research proposed using the Markov chain to flag abnormal user behavior, binary analysis tools to detect code cloning, and a Trusted Execution Environment (TEE) to ensure compliance with license agreements [22], [23], [24]. Regarding leveraging blockchain, Stepanova and Erinš [3] suggested using the technology to maintain the history of the software licenses and those who hold the legitimate license, whereas Chiu et al [25] proposed using Ethereum and IPFS for software validation and integrity.…”

Section: A Multi-license Managementmentioning

confidence: 99%

NFTs for Open-Source and Commercial Software Licensing and Royalties

et al. 2023

View full text Add to dashboard Cite

Software licenses are legal agreements of sale and usage among software developers and clients. Such legal agreements are crucial to effectively manage ownership and protect the rights of involved parties. Today's software licensing mechanisms are mostly centralized and do not address the ever-increasing issues and complexities of modern software that may include multiple licenses, open-source distribution, rewarding other contributors of external software libraries, and utilizing royalty payments for monetization. As a result, developers have lost confidence in the existing software licensing models, and many software projects are failing due to lack of funding and royalty payments. This paper addresses such issues and complexities by proposing a novel decentralized software licensing system based on Non-Fungible Tokens (NFTs) and blockchain. The proposed licensing system is applicable to both commercial and open-source software. We use NFTs as digital tokens that encapsulate software code and their artifacts by minting them as unique valuable assets that allow developers to store and manage them on a blockchain ledger. With NFTs, developers can register and license their code, monetize it on NFT marketplaces, and earn royalties from other software projects that use their code. We present system architecture, relevant sequence diagrams, and develop aggregation algorithms for Ethereum smart contracts with ERC-1155 NFTs. Furthermore, we perform functional validation of our system and analyze the cost of its adoption. We also analyze the security of the solution and show how its applicability can be generalized and extended. We have made our smart contract code and related testing scripts publicly available on GitHub.

show abstract

Section: A Multi-license Managementmentioning

confidence: 99%

NFTs for Open-Source and Commercial Software Licensing and Royalties

et al. 2023

View full text Add to dashboard Cite

show abstract

“…In addition to attestation, SOC provides confidentiality of the computed values and unicity of the computation. Finally we provide models and an automated analysis of a recent licensing protocol [9] and a one time password protocol [10].…”

Section: Our Contributionsmentioning

confidence: 99%

“…We validate our approach experimentally by checking IEE based protocols existing in the literature, starting from the relatively straightforward attested computation protocol from [3], and following with attested key exchange and secure outsourced computation from the same paper. We also verify the licensing protocol from [9] and a one time password protocol proposed in [10].…”

Section: Implementation and Case Studiesmentioning

confidence: 99%

“…The idea is that a vendor would like to authorize the use of a software only for users who have bought the software and therefore possess a valid license. In [9] Costea and Warinschi present a licensing scheme based on IEEs. We describe this protocol in Figure 10.…”

Section: Licensingmentioning

confidence: 99%

“…As defined in [9], the desired property of secure licensing is an injective mapping between the computations obtained by the user and the tokens produced by the vendor, i.e., any computation corresponds to a distinct token issued by the vendor. We modelled the above protocol in S APIC and were able to verify the security property.…”

Section: Licensingmentioning

confidence: 99%

See 2 more Smart Citations