|
||||||
|
||||||
|
 |
 |
Spotlight: Security Tools Code Vulnerability A disassembler utility (ILDASM.exe) even ships with the .NET Framework, allowing .NET assemblies to be decompiled into Microsoft Intermediate Language (MSIL) instructions. This makes it easy for people with the right (or wrong) skills to see what your code is doing. And some decompilers can easily reformat code and even correct coding errors, allowing less-skilled hackers to get a detailed look at your code. (Of course, there are many decompilers available for applications written in Java and other languages, too. The problem is not unique to VS .NET or other Microsoft development tools.) Decompilers are certainly powerful tools that can also be used to your advantage. Knowing how easily someone can view your code will show you how to do more to protect it, for example, by using an obfuscator. Obfuscation, Licensing to the Rescue To increase .NET code security, some companies such as Remotesoft offer a code obfuscator. Licensing and authorization tools can be just as important as protecting the code itself. Controlling access to your programs, wherever they may be distributed, is vital to protecting your company's assets. Here, too, third-party vendors fill the gap, with products such as those by CrypKey and XHEO, which offer control for virtually any scenario. Once you know that your application and its code are secure, you'll be able to focus more time on development and spend less time worrying about protecting your hard work from theft. Here are some of the key companies, with descriptions of their flagship products. CrypKey The original CrypKey protection product, developed in 1992, was designed to provide a software-based solution rather than the common hardware key or "dongle" method. Today, CrypKey provides a full range of trusted software security solutions for developersfrom manual and automated to fully integrated e-commerce copy protection and license control. CrypKey developed the industry-first "CloneBuster" technology, offering stealth features to avert hard-drive copying with CrypKey SDK (Software Developer Kit) and CrypKey Instant 6.0 in late 2002. The company has since introduced an updated CrypKey SDK and CrypKey Instant 6.1, as well as Casper 2.0, an e-commerce security solution that automates the authorization of CrypKey-protected products. Casper features the latest capabilities in around-the-clock, fully automated licensing and copy protection. It verifies serial numbers or credit card purchases before authorizing a CrypKey-protected product, and enables users to download, complete product trials, and buy automatically at any time, seven days a week. CrypKey products serve small to medium and large enterprises alike. Based in Calgary, Alberta, Canada, the company has more than 3,000 clients including Cadence, Caterpillar, Ericsson, Fujitsu, Honeywell, IBM, Microsoft, Minolta, Nokia, 3M, and more. For more information, see www.crypkey.com. XHEO The XHEO|Licensing framework uses strong RSA encryption to sign XML license files. Each license file can contain multiple licenses for multiple products in multiple assemblies. Each license in turn can define a varying set of restrictions on how the licensed Type can be used. The new version also features multi-language support and a number of other speed and usability improvements. XHEO has several other e-commerce-related products in development, such as an Enterprise platform that maps .NET objects to data storage. XHEO also offers XHEO|WebSkin, providing full page and control skinning for ASP.NET applications. For more information, visit www.xheo.com. Remotesoft Remotesoft's other products include Remotesoft .NET Explorer, Salamander .NET Linker, and Salamander .NET Native Compiler. For more information, visit www.remotesoft.com.
|
|
|
|
|||||||||||||||||||||||||||||||||||||||||||
