Re: Securely limit the running an application by serial number
- Subject: Re: Securely limit the running an application by serial number
- From: Kyle Sluder <email@hidden>
- Date: Fri, 3 Jul 2009 14:50:45 -0700
On Fri, Jul 3, 2009 at 1:33 PM, Michael Ash <email@hidden> wrote:
> In addition to what the others have said, you should think seriously
> about how useful obfuscation will be.

There might be an argument here about protecting trade secrets. If
you don't defend them, they lose their protected status.

The biggest threat to Ammar's product seems to be an insider attack.
"What You Know" security is not going to be useful here, since
everyone will have shared access to roughly equivalent knowledge.
"Who You Are" level security is going to be tough to implement in this
situation. That leaves us with "What You Have."

The best solution might be to have a server process running on a box
outside of the user's control, and have the client machines depend on
certain functionality provided by the server. You can generate a key
for each client, stick it on the client's keychain, and use that to
authenticate any messages transferred between the client and server.
This gives you the opportunity to revoke a rogue client's key, which
will cripple the client since it depends on the server for
functionality.

I only recommend this approach if you are providing this software on a
licensed, contractual basis. From my ethical perspective, customers
of buyout software should not be subject to such treatment.

--Kyle Sluder
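
The per-client key scheme described in the message above, as an added example that is not part of the original post or any code from its author. It assumes HMAC-SHA256 over a client id, a monotonically increasing counter and the payload; `LicenseServer`, `mac`, and the sample id and request are hypothetical names, and storing the key in the client's keychain is not shown.

```python
import hashlib
import hmac
import secrets

def mac(key, client_id, counter, payload):
    # Length-prefix the id so field boundaries are unambiguous.
    cid = client_id.encode()
    msg = len(cid).to_bytes(2, "big") + cid + counter.to_bytes(8, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()

class LicenseServer:
    def __init__(self):
        self._keys = {}      # client_id -> per-client secret
        self._counters = {}  # client_id -> highest counter accepted

    def enroll(self, client_id):
        # The returned key is what the client would keep in its keychain.
        self._keys[client_id] = secrets.token_bytes(32)
        self._counters[client_id] = 0
        return self._keys[client_id]

    def revoke(self, client_id):
        # Dropping the key cuts a rogue client off from server functionality.
        self._keys.pop(client_id, None)

    def handle(self, client_id, counter, payload, tag):
        key = self._keys.get(client_id)
        if key is None:
            return "rejected: unknown or revoked client"
        if not hmac.compare_digest(mac(key, client_id, counter, payload), tag):
            return "rejected: bad authentication tag"
        if counter <= self._counters[client_id]:
            return "rejected: replayed message"
        self._counters[client_id] = counter
        return "ok"

def demo():
    server = LicenseServer()
    key = server.enroll("client-A")   # constructed sample client id
    req = b"render-job-17"            # constructed sample request
    good = mac(key, "client-A", 1, req)
    results = [server.handle("client-A", 1, req, good),       # fresh message
               server.handle("client-A", 1, req, good),       # replay
               server.handle("client-A", 2, b"other", good)]  # tampered
    server.revoke("client-A")
    results.append(server.handle("client-A", 3, req, mac(key, "client-A", 3, req)))
    return results

if __name__ == "__main__":
    print(demo())
```

A client holding a valid key is still refused once `revoke` has run, which is the property the message relies on: the key only has value while the server continues to honor it.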