Technique for controlling access to program assets

摘要

A system that controls access to program assets, such as software programs or modules, is described. During operation, this system associates a first license code with a first group of program assets and associates a first master code with the first license code, where the first group of program assets includes one or more program assets associated with a first provider, and the first license code identifies the first master code. Then, the system provides the first license code, the first master code, and a pre-defined function to the first provider, and hosts the first group of program assets on a website. Note that the first master code and the pre-defined function allow the first provider to generate a first validation code for a customer. Moreover, the first validation code and the first license code, at least in part, allow the customer to access the first group of program assets hosted on the website, thereby facilitating independent marketing of the first group of program assets by the first provider.

主权项

1. A method for controlling access to program assets, comprising:
a first entity hosting a first set of program assets; the first entity receiving a second set of program assets from a second entity, wherein the second entity provides the second set of program assets; and the first entity identifying if a customer of the first entity is also a valid customer of the second entity without receiving information about the valid customer from the second entity, wherein the information is needed to authorize the valid customer to access the second set of program assets, thereby facilitating the second entity to independently market the second set of program assets, wherein the facilitating comprises:
the first entity associating a first license code with the second set of program assets;the first entity associating a first master code with the first license code, wherein the first master code is a unique master key that is associated with the first license code;the first entity providing the first license code, the first master code, and a validation function to the second entity, wherein the validation function is a cryptographic function;the second entity cryptographically generating a first validation code for the valid customer of the second entity by:
combining the master code and a generated code, wherein the generated code is one of a random or a pseudorandom sequence of at least 64 bits, andapplying the validation function to the combination of the master code and the generated code;the second entity providing the first validation code, the generated code, and the license code to the valid customer;the first entity hosting, on a website, the second set of program assets;the first entity receiving a request from the customer of the first entity, via the website, to access the second set of program assets, wherein the request includes the first validation code, the first license code, and the generated code;the first entity cryptographically generating a second validation code for the customer by:
combining the master code and a generated code, and applying the validation function to the combination of the master code and the generated code;the first entity determining if the first validation code matches the second validation code; andin response to the determining that the first validation code matches the second validation code,
the first entity identifying that the customer is also the valid customer of the second entity,the first entity authorizing access for the customer to the second set of program assets.