Software Monetization Featured Article

SafeNet's AppOnChip Creates Strong Bond between Protected Software and Hardware Keys for Secure Software Licensing Solution

September 10, 2013

SafeNet (News - Alert) has introduced an enhanced version of the Sentinel® Envelope file-wrapper technology within its Sentinel License Development Kit (LDK), the company’s award-winning software protection, licensing, and entitlement management system. The reason software developers will be pleased is that with the new AppOnChip functionality within Sentinel Envelope, they will be able to bind protected software to hardware keys.

In fact, this approach to protecting developers’ intellectual property, so that it can securely and efficiently be monetized, is multi-layered. The Sentinel Envelope with the new capabilities requires the physical presence of the hardware key to not only validate usage authorization but to execute the code itself. Another way of saying this is that the already well-protected just became even more secure.

How AppOnChip works

As SafeNet explains, AppOnChip is a fully automated process for binding a Sentinel hardware key to protected software by forcing selected pieces of code to execute on the key. Its effectiveness as a great line of defense is that in the absence of the key, the application fails to execute. Plus, given concerns about growing vectors of vulnerability that can be exploited by those with less than honorable intentions, this is done without storing any of the application code on the key itself. The result is that AppOnChip strengthens Sentinel LDK’s extensive intellectual property protections, adding to Sentinel Envelope’s strong file encryption, code obfuscation, and anti-debugging features. It ups the ante in the prevention of illegal use of commercial software by unauthorized users.

AppOnChip aligns with SafeNet’s design principles by being easy to use and requiring no source code modification. This fully automated process examines applications and presents a list of functions with code blocks that are compatible with AppOnChip. The protected blocks, encrypted and signed, can then be dynamically loaded and executed on the hardware key.

SafeNet cites the following key benefits of SafeNet’s AppOnChip software protection technology:

  • Stronger security—Because AppOnChip forces a small piece of code to run on the token, and the results are necessary for the application to fully execute, the application will fail to execute without the hardware key. Software vendors can choose which specific code blocks should be protected via an easy-to-use graphical interface.
  • Easy implementation—The process of binding the software to the hardware key, analyzing which code can be executed on the token, and converting code into token-executable form is fully automated.
  • Nothing is stored on the token—Unlike competitive solutions, all of the code resides on the hard drive of the machine running the protected application. Only at run time, a small piece of code is executed on the token. User memory on the key is not impacted.
  • Internal processes are unaffected—Protected applications do not require version tracking at the software vendor’s end, and key updates in the field are not required for new versions of the protected software.
  • No headaches for legitimate end users—AppOnChip functionality is transparent to the end user.
  • Currently available at no extra cost—AppOnChip’s introductory offer is available to all vendors at no extra cost with Sentinel LDK 7.0. In future releases, the use of AppOnChip may require the purchase of a separate license module.

“Many ISVs have avoided implementing software security to the level provided by AppOnChip because it was a cumbersome, manual process,” said Michael Zunke, CTO of SafeNet’s software monetization division. “Now, SafeNet customers can implement token-based software execution technology at the touch of a button. We believe that the additional security that AppOnChip delivers makes Sentinel LDK the most secure software licensing implementation available in the market.”

The realities in the life of software developers are that they want more time to do what they do best, i.e., develop great applications. They also desire spending less time sweating the business part of the business. This means less time worrying about the protection of their intellectual property when it is at rest or on the move. It means having better visibility into who, what, when, where, why and how their applications are being used. 

image via shutterstock

Ultimately it means having assurance that they are getting paid in a timely manner by only those authorized to subscribe to their capabilities. After all, because unlawful use of software can cost a developer potentially millions, pardon the pun, but securing the entire transactional ecosystem is key.

The good news stemming from the additional protection for those using SafeNet’s comprehensive software monetization solutions is that bad actors are going to find this extremely challenging to compromise. SafeNet says it is offering the most secure software monetization solution in the market. It is a claim that they stand ready to validate.

Edited by Ryan Sartor
Article comments powered by Disqus