|
Reprise Software Quick Links
|
Reprise Software
www.reprisesoftware.com
info@reprisesoftware.com
781-837-0884 |
|
|
The December issue of
Options, the Software Licensing
Newsletter from the folks at Reprise
Software, is chock full of new and
interesting topics. We hope you find
this issue useful and informative.
Please feel free to
forward this to a friend
using the link at the bottom of the
page.
Thanks.
|
Advanced Device
Fingerprinting
A more
secure hostid?
Excerpts from
white paper by Casey Potenzone, CIO,
Uniloc USA, Inc.
Device recognition, the process of uniquely
identifying a user device, is the secure
foundation of Device Locking Software
Activation (DLSA). The hack resistance of a
DLSA system depends primarily upon its
ability to uniquely and consistently
identify a device using its "device
fingerprint". A device fingerprint is
created by sampling a range of non-personal
information about a user's device and then
hashing that information into an encrypted
code string.
Early software activation systems used
readily accessible device information such
as Volume Serial Number, Network Name or
Hard Drive Serial Number to generate the
device fingerprint. The problem with using
such readily accessible information is that
they are easily spoofed and susceptible to
license key generators.
Advanced DLSA systems do not rely on
component information that is easily
changed, and instead sample a wide range of
"non-user-configurable" device sampling
points such as hard drive damage map, chip
benchmarking, bios and firmware versions,
manufacturer serial numbers and many
others. The most advanced DLSA systems
sample over 10,000 unique points of data in
a typical PC and reliably distinguish one PC
from another with more accuracy than DNA can
distinguish human beings. The larger the
pool of device information, the higher the
integrity and more hack resistant the device
fingerprint. Also, the wider the range of
component targets, the more tolerance for
change in a user's device before requiring
re-authentication, enabling higher system
reliability and overall efficiency. Lastly,
a large selection of device anchors enables
publishers to tailor hardware anchor
importance to those components most
applicable to their applications.
To accomplish the business objectives of the
software publisher and realize the value of
a DLSA implementation, a high quality device
fingerprinting technology must be the
foundation. The integrity of the device
fingerprint depends on the number and range
of the sampling targets and the ability to
include non-user-configurable targets. In
addition, the ability to sample components
using a combination of interfaces, such as
high level OS calls and low level driver
interfaces, further increases the integrity
of the system.
By combining DLSA technology with a robust
license manager like RLM, software vendors
and their users have the best of both
worlds: license management that maps
software functionality to exactly what users
want to buy, and a device identifying
technology that can tolerate modest changes
to the user's system configuration before a
new license key is required. Please contact
Reprise Software for more information.
To read the complete white paper, please
click here. |
RLM Customer:
Physware, Inc.
 Physware,
Inc.,
is a venture-backed Electronic
Design Automation
(EDA) enterprise software company
that develops high-speed field
solutions for signal and power
issues in high-frequency
package and board-level electrical
modeling and design for the
microelectronics industry.
The company's patent-pending,
physics-aware technology tightly
couples analysis and design methods
to the underlying Maxwell's and
circuit equations, enabling
robustness and efficiency at every
step of the design cycle and
significantly reducing time to
market.
Physware is currently working with
the world's leading microprocessor,
memory, wireless, analog,
mixed-signal and consumer
electronics companies to name a
few. Physware's accelerated
electronic design automation
technology delivers:
- Unprecedented capacity
ranging from selected nets to
full package and board
simulations.
- Significantly faster speed
than current methodologies.
- The ability to span the
entire design cycle while
maintaining concurrent,
uncompromising Maxwell
accuracy.
Physware technology is based on
multiple patent-pending
methodologies, over one hundred
publications, several PhD theses,
and significant research funding by
DARPA, NSF and industry leaders.
One of the significant challenges
that enterprise software companies
face is efficient licensing models.
EDA licensing models require support
of a variety of licensing features,
including node locked, network based
floating and geography based
floating. Different models of
licensing including perpetual, term
and subscription licensing is also
an important consideration.
After research and studying
available licensing solutions in the
marketplace, Physware has chosen
RLM, the flagship product from
Reprise Software, Inc. Innovative
features, ease of implementation and
deployment, web based license
monitoring and efficient support
were the primary factors influencing
Physware's decision to choose RLM
for their initial licensing needs.
RLM also supports advanced features
such as token licensing and license
roaming, which they feel could pave
the way for future licensing models
in the EDA space.
Physware can be reached at
http://www.physware.com
|
|
|
Token Licensing
Schemes
Using Tokens to Increase Licensing
Flexibility
One of the advantages of using the
Reprise License Manager is being
able to capitalize on the decades of
license management experience we've
been able to distill into RLM.
Among the more-advanced and capable
of the features we've put into RLM
is
"Token Licensing".
If you've ever wondered how to
provide a license model to your
customers that allows you to:
- define product rights in
terms of relative value between
your products, or
- allow a user to consume a
mix of your products up to a
pre-determined level of value,
or
- let a user consume a
more-expensive alternative
license when a more-common
product is unavailable,
then token licenses may be what
you need.
To start using token licensing,
simply implement the RLM API as you
would for any supported license
model. If this is already done,
great! No need to create a second
version of your product just to
support token licensing - it's
built in.
Now, think of how you want the value
of your products to relate to one
another. You may want to create a
hierarchy of products, with lowest
value to highest ("lite", "basic",
"pro", "guru", etc.) Or, you may
wish to use a notion of "product
units" against which all
token-licensed products are ranked
by relative value.
Then, enable token licensing via the
license files you give to your
customers. Specify a LICENSE in
terms of another of your company's
products (or "product_units" or
other surrogate for value):
LICENSE software_co sample 1.0
permanent token sig=xxxx \ token="<product_units
2.0 5>"
Be sure to also include in the
customer's license file the
appropriate amount of "product_units":
LICENSE software_co product_units
2.0 permanent 100 sig=xxxx
In the above example, the customer
will consume five "product_units"
for each instance of "sample" that
they run, up to a concurrent limit
of 100 "product_units", or two
concurrent instances of "sample".
There are obviously many more examples
we could provide; hopefully this conveys
the rudiments of an approach to using
tokens.
Feel free to contact us via
info@reprisesoftware.com should you
wish to discuss the ways in which RLM
could help you bring your products to
market with a token licensing scheme.
|
|
RLM v4.0 beta is
here
Planned release (Q1 2008)
RLM v4.0
is current in beta and is expected to be
released in Q1 08. Here is a partial list of
the new features added with this release.
For Developers:
- New activity flag (for automatic
heartbeats) - to tell server when
application is idle - to timeout
licenses
- Advanced "named user" license
type - enforces user-include list
prevents re-enrollment of user for X
hours
- Transition guide from older LM
systems
- RLM can verify licenses against
any ethernet addresses on Mac, and
Linux
- RLM tries to checkout roamed
license if all other checkouts fail
- New API call -
rlm_license_exp_days() - returns how
many days until license expires
- Detect Solaris containers on x64
- to prevent multiple copies of the
license server from running on the
same system
Internet Activation:
- Ability to upload arbitrary
license fields to activation server
through rlm_act_request() activation
api call - (e.g. customer, contract
info)
- Allow issued=today during
activation
For Administrators:
- New rlm options file to limit
access to
"stat/shutdown/reread/edit"
functions
- Use -c option to rlmutil to
override RLM_LICENSE env variable
- Allow editing of options files
from web admin interface
- Web admin interface displays
last 20 lines of debug log
- Web admin interface shows which
licenses are roaming
- Include seconds, milliseconds on
denials in report log
- Report Log Anonymizer - utility
to remove private (user/host) names
from report log
- Auto rotation of report logs
(daily, weekly, monthly , or n-days
ROTATE in options file)
If you would like to evaluate RLM or
beta test v4.0 RLM, please
click here.
|
|
| |
|
