Workshop software licensing, protection & security. Including a few video's. How to license and protect your application? How to create recurring business with pay-per-use and temporary licenses?
3. WIBU-SYSTEMS
3
Wibu-Systems AG
Founded in 1989
By Oliver Winzenried and Marcellus Buchheit
Headquarters in Germany (Karlsruhe)
Focus on Protection, Licensing and Security
Technological leader with international patents
ISO 9001:2008 certified
Wibu-Systems Worldwide
Subsidiaries in Seattle, USA – Shanghai and Beijing,
China – France – Belgium – Netherlands – Spain – UK
Exclusive distribution partners in Russia – Japan –
Korea and many more
100 employees worldwide
Top 2 vendor in hardware based protection
Top 3 vendor in software licensing
4. WIBU-SYSTEMS
Excellent reputation
26 years of experience
Microsoft Gold Certified Partner
Top 3 supplier worldwide(IDC, F&S)
Best security, technology leader
ISO 9001:2000 certified
4
13. Do It Yourself or outsource?
Time required to build a licensing system
Different requirements on different OS & platforms
Cost of updating and maintaining
Constant checking for new hacker methods
13
26. The Costumer‘s View
26
Basic Program
Function 1
Function 2
ProductCode:
201000
PC:
201001
PC:
201002
PC 201000
PC 201001
PC 201002
27. CmContainer: CmDongles or CmActLicenses
CmDongle = DRM with
hardware key
CmActLicense =
Activated software
license, based on
system characteristics
CodeMeter.exe, the
local license server,
handels the requests
One executable
Sleutel
Software
Activatie
CodeMeter Licentie Server
27
Hardware Key
Software
Softw. Activation
CodeMeter.exe (runtime)
28. CodeMeter Runtime in Detail
28
CmDongle
CmCloudContaine
r
CmActLicense
Software
Tools
(Cmu32 / Trigger /
…)
CodeMeter
Control Center
API Interfaces
CodeMeter Runtime Service
Browser
WebAdmin
30. AxProtector .NET – Protection Process
30
ProtectedAssembly
CompiledAssembly
Header
Original Code
Header
Stub Code
(Without Intellectual
Properties)
AxEngine
(Security Engine)
Encrypted Code
(Original Code with
Intellectual Properties)
AxProtector
.NET
Definition
of licenses and
modules Assembly
has same
structure
as original
Assembly
33. At the heart of the CmDongles
Smartcard chip
Hardened against hardware attacks
Side Channel Attacks
Differential Power Analysis (DPA)
Firmware Update
New Security Features
New Features
Secure update channel
384 kByte Memory for
licenses
33
34. Dongles anno 2015??
Highest level of security with hardware secure
element
Many benefits for end-user (flexibility, comfort)
Simple and cost-effective for small projects
Often ideal solution for embedded systems
slide 34
36. “Key-Facts” CodeMeter
Symmetric encryption
128-Bit AES (Advanced Encryption Standard)
Used for software protection & encryption of data
Developed by two Belgian cryptographers, Joan
Daemen and Vincent Rijmen, University of Leuven
Asymmetric encryption
224-Bit ECC (Elliptic Curve Cryptography)
1024-Bit RSA (Rivest Shamir Adleman)
Used for signatures
Used for authentication
Protection for Software as a Service (SaaS)
36
43. License models and the options in CodeMeter
Single User License
Floating Network License
Rental License
Pay-Per-Use
Features On Demand (Modules)
Demo Licenses
Downgrade License
Cold / Hot Standby
Overflow Licenses
…
Text
License Quantity
Expiration Time
Usage Period
Unit Counter
Feature Map
Product Code
Maintainance Period
Customer Own License Information
…
Licensemodels
ProductItemOptions
43
44. Single-user and network licenses (CmLAN)
Possible with every
CodeMeter License
License Quantity (concurrent users
/ floating licenses in the network
and local use)
0 = only local use
1 = one floating license
N = N concurrent users
Licensing by computer
Multiple executions -> 1 user
(station share)
Terminal server or virtual
machine
Licensing by amounts of
executions
Every executed session is one
user (user limit)
License Quantity
44
45. Avantages of Flexible Software Licensing
All options available
Flexible use of features
More added value
More profitability (recurring business)
Satisfied customers in multiple
market segments
45
47. CmActLicense
Software Activation
Binding of the license to properties of the PC
License is stored encrypted in a license file (LIF)
Compatible with CmDongle (both at once)
47
48. Binding to hardware, the classical way
Self defined:
N: Netwerk adapter (Mac-adress)
D: Disk (the “real” serial number of the harddisk)
B: Bios (serialnumber)
C: CPU-type (type processor)
Combination of all features is possible
(3 of out 4) or (2 out of 3) possible:
DCBN:4 | DCBN:3 | N:1 | D:1 | DCB:2
48
49. Binding to hardware, with SmartBind
Automatic Binding Scheme (SmartBind)
Tight, Medium or Loose
49
50. Binding to PC-Configuration
IP-Address
Machine-SID
None
No binding
Delivery of pre-activated licensefile
Only once per PC
Serial, binding to own serialnumber
3rd party dongles
Serialnumber of chips
Random
50
56. CodeMeter in a Network (LAN)
14.10.2015 WIBU-SYSTEMS AG 56
API Interfaces
CodeMeter
Runtime Service
Browser
WA
Browser
Network Server Network Client
TCP/IP | Port 22350
TCP/IP | Port 22350
CodeMeter
Runtime Service
WA
Software
58. Searching for Network Servers
Search per broadcast
Within subnet
Server search list at client
Server name
IPv4 or IPv6 Address
Per IP-Address / server name via API
Server name
IPv4 or IPv6 Address
14.10.2015 WIBU-SYSTEMS AG 60
61. Access Control at Server
Simple access control
Simple list of allowed IP-Addresses or computer names
Advanced access control
Active Directory group, Active Directory user, computer name, or
subnet
Reserved minimum
Allowed maximum
14.10.2015 WIBU-SYSTEMS AG 64
63. Viewer for Allocated / Available Licenses
Automatically in CodeMeter WebAdmin
Via API in customized software
14.10.2015 WIBU-SYSTEMS AG 66
64. License Tracking
Tamper-proof protocol of usage history
Detection of used licenses and users
Detection of rejected licenses and users
Simple graphical analysis in WebAdmin
Text format for further processing in third-party programs
14.10.2015 WIBU-SYSTEMS AG 68
70. 1 Dongle for many different software products of
different vendors
Multivendor Licenses
Up to 6,000 licenses
on 1 Dongle!
74
71. Time Based Security
Time Based Licenses without Battery needed
Use time based models
Expiration time
Usage period
Maintenance period
At runtime every check also creates a License
time stamp
75
72. Firmware Updates
Instant access to future innovations
Since 2003
Stay one step ahead of hackers
Remote
76
74. Summary – CodeMeter
Complete solution for protection & licensing with
Hardware or Software licenses
Global Top Tier Security
Scalable Solution
78
76. Basic Program
CodeMeter Control Center:
WebAdmin – check all available
licenses
End-User Tool
AxProtector / IxProtector:
Automatic Protection for
your application
Settings for licensing / security
CommandLine Tool:
execute many different CodeMeter
functions
License Editor:
Simple tool for programming
CmDongles
ProductCode: 201000
PC: 201001
PC: 201002
CmDongle (hardware-based licensing):
Store licenses on Dongles
FirmCode 10
CmActLicense (software-based
licensing):
Store licenses on machines
FirmCode 5010
CodeMeter LicenseCentral:
Webtool for programming
CmDongles & CmActLicenses