Secure Software Licensing: Models, Constructions, and Proofs

Sergiu Costea, Bogdan Warinschi

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

1 Citation (Scopus)
500 Downloads (Pure)


The problem of secure software licensing is to enforce meaningful restrictions on how software is run on machines outside the control of the software author/vendor. The problem has been addressed through a variety of approaches
from software obfuscation to hardware-based solutions, but existent solutions offer only heuristic guarantees which are often invalidated by attacks. This paper establishes foundations for secure software licensing in the form of rigorous models. We identify and formalize two key properties. Privacy demands that licensed software does not leak unwanted information, and integrity ensures that the use of licensed software is compliant with a license – the license is a parameter of our models. Our formal definitions and proposed constructions leverage the isolation/attestation capabilities of recently proposed trusted hardware like SGX which proves to be a key enabling technology for provably secure software licensing.
Original languageEnglish
Title of host publication2016 IEEE 29th Computer Security Foundations Symposium (CSF 2016)
Subtitle of host publicationProceedings of a meeting held 27 June - 1 July 2016, Lisbon, Portugal
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Number of pages14
ISBN (Electronic)9781509026074
ISBN (Print)9781509026081
Publication statusPublished - Aug 2016
Event2016 IEEE Computer Security Foundations Symposium - San Jose, United States
Duration: 23 May 201625 May 2016


Conference2016 IEEE Computer Security Foundations Symposium
Country/TerritoryUnited States
CitySan Jose


  • Licenses
  • Software
  • Hardware
  • Privacy
  • Cryptography
  • Mathematical model


Dive into the research topics of 'Secure Software Licensing: Models, Constructions, and Proofs'. Together they form a unique fingerprint.

Cite this