How to prevent software piracy

BROWSE BY TAG Expert Archive: Security Management,   Application and Platform Security,   Web Security Tools and Best Practices,   Web Application Security,   Enterprise Data Protection,   Enterprise Data Governance,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Expert Archive: Security Management What is the GISP certification and how does it compare to the CISSP certification? Using a QSA to write up a PCI DSS report on compliance (ROC) How can gap analysis be applied to the security SDLC? Comparing cheap security products and appliances to costly appliances What are some tips on protecting my security budget in a poor economy? What value do research firms provide to their subscribing enterprises? What certificate offers the best ROI for an IT project manager? Is insider activity or outsider activity a bigger enterprise threat? How does information security prevent fraud in the enterprise? Differences between an SAS 70 data center and a Tier III data center Web Application Security Black box and white box testing: Which is best? InZero Systems launches hardware-based security gateway Web application vulnerability assessment shows patching progress Preventing SQL injection attacks: A network admin's perspective Cisco acquires SaaS security vendor ScanSafe Web application firewall use goes beyond compliance, company finds Gumblar Trojan drive-by exploits spike following Adobe update Some Facebook applications lead to Russian attack sites Barracuda acquires Purewire expanding Web security reach An enterprise strategy for Web application security threats Enterprise Data Governance How to protect distributed information flows Interpreting 'risk' in the Massachusetts data protection law Creating an enterprise data protection framework Analyst DLP study finds maturity, ranks top DLP vendors Voltage, RSA spar over tokenization, data protection Twitter gets condemned by CISOs at Forrester forum PCI DSS compliance requirements: Ensuring data integrity Trustwave acquires data loss prevention vendor Vericept Data has become too distributed to secure, Forrester says Cloud-based security services should start private

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary anonymous Web surfing  (SearchSecurity.com) buffer overflow  (SearchSecurity.com) cache cramming  (SearchSecurity.com) cookie poisoning  (SearchSecurity.com) dictionary attack  (SearchSecurity.com) distributed denial-of-service attack  (SearchSecurity.com) JavaScript hijacking  (SearchSecurity.com) National Computer Security Center  (SearchSecurity.com) threat modeling  (SearchSecurity.com) trigraph  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

Software publishers have several options to protect their intellectual property from thieves. Unfortunately, none of them are foolproof and all risk negatively affecting the user experience.

The most widely used method is the license key; code that is built into an application to require a valid key to unlock the software. This key can be distributed via packaging or some other online mechanism. There are a variety of tool kits available to allow corporations to easily build this capability into their products. Just search the Web for "software licensing toolkits" and you'll be busy for a few days wading through options.

Some shopping cart providers, such as Digital River Inc., include these kinds of licensing capabilities, offering an end-to-end method for everything from hosting a store, to distributing software, to managing licensing keys (so you don't have to). But be ready to part with a percentage of your sales for that privilege.

If organizations are worried about someone stealing their source code, then they need to look into a code-theft and antipiracy package. This is a nascent market, with players like V.I. Laboratories Inc., Arxan Technologies Inc. and Aladdin Knowledge Systems Inc., which actually encrypts the source code within an application so it can't be reverse engineered or stolen in any other way. These products tend to be pretty pricey (since it's an early market) and they aren't mainstream.

When dealing with Web applications, corporations should think about running PHP code using a tool like Zend Technologies Inc.'s Zend Guard, which provides a run-time environment to compile Web applications and thus shield the source code from the browsers.

For more information: