Skip to content

AppSecure uses Gemalto's eGate smart card framework to enforce pay as you go services for Win32 applications. This entry made it to the pre-final round of Gemalto's eGate Open Contest in 2004

Notifications You must be signed in to change notification settings

deepakprabhakara/appsecure

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 

Repository files navigation

The proposed solution – AppSecure, provides an infrastructure for Software Piracy Control. It provides innovative and enhanced ways to access and distribute copyrighted works legally, with the help of Cryptoflex ,NET smart cards. Leveraging on what .NET Smartcard technology has to offer, AppSecure provides a platform that will reduce the risk of piracy.

The main logic behind the protection system is that the heart of any executable file format (“Portable Executable (PE)” (1) binary specification for Win32) one or more machine executable sections called the code section residing which is usually stored in the section named .text or .code. In the PE format, during execution of this section the Win32 Program loader looks for a special Relative Virtual Address (RVA) named AddressOfEntryPoint, which is the RVA from where code section is started. Now if the program entry point is missing, in all possibility, the Win32 Loader will refuse to run it. What AppSecure does is leave everything in the PE file intact except the code following from AddressOfEntryPoint - which it separates from the EXE file, and loads it onto the .NET card and generates a license. The application vendor can now package and distribute his application with the .NET smart card loaded with a valid license. When the end user buys the software, installs it and runs the program, AppSecure will run the application by loading the code section from the card, all this in quick time thanks to the high communication speed offered by .NET Smartcard technology. Hence without an .NET card and a valid license the end user will be unable to make illegal copies of the software. The user needs the smart card every time he wishes to use the software. The same idea applies to the ELF executable format.

One obvious concern of such a solution would be the inconvenience caused to the user. He has to insert the card every time as the .NET card is used to check the integrity of the software. But there is always a trade off between security and convenience and AppSecure is a good compromise between the two. It is similar to the use of hardware locks to prevent piracy but one major advantage of using .NET smart cards is that multiple software access codes can be written on the same card thanks to the 32K memory store on the card. So that the user doesn’t have to change cards while using different software applications on his PC. They can all be integrated into one smart card. Reverse engineering of such an algorithm takes almost the same effort, if not more, as the effort needed to recode the software. Thus AppSecure provides an innovative method of Software Piracy Prevention. AppSecure’s flexible and robust distribution scheme allows vendors to offer sharewares (limited functionality) and try & buy software (full functionality that expires after a preset time).

About

AppSecure uses Gemalto's eGate smart card framework to enforce pay as you go services for Win32 applications. This entry made it to the pre-final round of Gemalto's eGate Open Contest in 2004

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published