A storage system includes: a host configured to receive a software image and a first signature for the software image, the first signature being generated based on a first secret key, and generate, based on a second secret key, a second signature for the software image; and a storage device configured to receive, from the host, the software image, the first signature, the second signature, and a second public key related to the second secret key and execute the software image, based on a first verification and a second verification the first verification being performed on the first signature on the basis of a first public key related to the first secret key, and the second verification being performed on the second signature on the basis of the second public key.

A game identifier of an encrypted streaming electronic game to be streamed to a playback device may be received. The game identifier may comprise a title of the encrypted streaming electronic game. An electronic ticket for access by the playback device to a secured portion of the encrypted streaming electronic game may be gathered. The electronic ticket may specify a first gameplay state. The electronic ticket may be used to access the secured portion of the encrypted streaming electronic game at the first gameplay state. One or more gameplay actions to transform the encrypted streaming electronic game to a second gameplay state may be received. The second gameplay state may be provided to a state server, where the state server configured to instruct a license server to modify the electronic ticket to specify the second gameplay state for the encrypted streaming electronic game.

A method for managing licenses for soft IP on a partially reconfigurable hardware system, in particular an FPGA, wherein a license manager is provided in the non-configurable part of the hardware system, or is accessible only for the non-configurable part of the hardware system, where the license manager has exclusive access to a non-volatile memory in which license data having a time restriction of the useful life of at least one soft IP is stored, where before activating a particular soft IP, the license manager checks whether the useful life has expired, where the license manager only releases use of the soft IP if the useful life has not yet expired, where the license data is changed using a key, which is stored in a non-volatile memory for license data, and where a new key is stored and the preceding key is deleted when the license data is changed.

The invention is a method for controlling execution of an application. The method comprising: installing and activating a software license unit including License terms and a secure repository comprising both an applet and parameters, providing a virtual USB dongle including a command gate, a License validator, a VM controller and a VM engine initially devoid of applet, verifying the License terms and only if the verification of the License terms is successful: loading said applet and parameters to the VM engine and enabling the Command gate, initializing configuration data and secret data in the VM engine by using the parameters stored in the VM engine then exchanging, between the applet and said hardware function driver, USB messages to control execution of said application.

The invention is a method for controlling execution of an application. The method comprising: installing and activating a software license unit including License terms and a secure repository comprising both an applet and parameters, providing a virtual USB dongle including a command gate, a License validator, a VM controller and a VM engine initially devoid of applet, verifying the License terms and only if the verification of the License terms is successful: loading said applet and parameters to the VM engine and enabling the Command gate, initializing configuration data and secret data in the VM engine by using the parameters stored in the VM engine then exchanging, between the applet and said hardware function driver, USB messages to control execution of said application.

Novel tools and techniques for an IoT shell are provided. A system includes an internet of things (IoT) device, a database, and a license manager. The database may include one or more sets of authorized licenses, each set of authorized licenses associated with a respective vendor software. The license manager may be in communication with the IoT device and the database, and further include a processor and a non-transitory computer readable medium comprising instructions executable by the processor. The license manager may be configured to receive a request to reserve a license for a first vendor software, determine an availability of the license associated with the first vendor software, register a unique identifier of the IoT device in association with the license, and grant the license to the IoT device.

A computer system is configured for digital rights management for distributing and tracking downloadable proprietary source code defining a 3-D object and being usable to print the object on a 3D printer and protect the 3D object data from unauthorized printing. The computer system stores an inventory of proprietary source code corresponding to designs of a plurality of 3D objects, and enables a user to see the inventory of designs of the plurality of 3D objects in an online store, and permits the user to securely purchase use of the source code of a desired 3D object viewed therein. The computer system sends the proprietary source code defining the desired 3D object to a 3D printer, and controls printing of the desired 3D object made by the 3D printer to prevent further use of the source code when the purchased use in completed, using one of three different typologies.

Computing systems with dynamic architectures may be used to secure against code-injection attacks and other exploits. A system may generate multiple representations of instructions or other data associated with each of a set of configurations of the system. The system may periodically or randomly change configurations such that malicious code that is executable in one configuration cannot be executed in another configuration. A system may also detect malicious code by comparing code previously generated in one representation with different representations of the same code. If, during execution of a representation of a program code, the system determines that the representation specifies instructions that differ from other representations of the same program code, they system may stop executing the compromised program code, change its configuration, and continue to execute another representation of the program code that has not been compromised.

Techniques for managing activation of software, e.g., an operating system, in an information processing system are provided. For example, a method comprises the following steps. A data object is obtained for a system having an un-activated computer program stored thereon. The data object comprises information about the system encrypted by a private value. The method then causes the data object to be securely stored on a distributed ledger for subsequent access during a process to activate the computer program.

Techniques for managing activation of software, e.g., an operating system, in an information processing system are provided. For example, a method comprises the following steps. A data object is obtained for a system having an un-activated computer program stored thereon. The data object comprises information about the system encrypted by a private value. The method then causes the data object to be securely stored on a distributed ledger for subsequent access during a process to activate the computer program.