License System Security
It is not possible to guarantee complete protection against the unauthorized
use of software. A licensed application is only as secure as the steps the
software publisher takes to prevent code modifications that could result in
bypassing license requirements. However, if you incorporate the License Service
Application Programming Interface (LSAPI) functions in your application, you can deter
license system tampering and reveal when tampering occurs. The measure of security the LSAPI functions provide is not tamperproof, but
intruders must use an overt act of programming to compromise it.
Much of the security provided by the LSAPI functions is accomplished by
including a challenge/response protocol in the calls to the LSAPI functions. The
purpose of the protocol is to ensure that a valid license is present. It provides a
reasonably reliable way for both the license system and the application to
verify that the other has an identical secret value. Applications can use the
protocol to authenticate both the license and the path from the application to the
license.
The LSAPI functions use the MD4 Message-Digest Algorithm from RSA Data
Security, Inc., to meet basic LSAPI security goals. This algorithm does not require
patented cryptographic techniques. Knowledge of the algorithm neither compromises
the secrets the application passes through it, nor the level of security the
LSAPI offers. If you use a more complex challenge/response algorithm, it may not
raise the level of security, and if you use a more sophisticated
challenge/response protocol, all license systems may not support it. Maintaining the privacy
of the shared secret values, however, is essential to the reliability of the
LSAPI security protocol.
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
